An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated attackers to obtain the Administrator account password.
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Yjcms | Eyunjing | 1.0.9 (including) | 1.0.9 (including) |