CVE-2023-27576 Information

Description

An issue was discovered in phpList 3.6.12. Due to an access error it was possible to manipulate and edit data of the system’s super admin allowing one to perform an account takeover of the user with super-admin permission.

Reference

https://cupc4k3.lol/cve-2023-27576-hacking-phplist-how-i-gained-super-admin-access-44c7c90d82da