OpenSolution QuickCMS Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in OpenSolution QuickCMS version 6.8. This vulnerability allows an attacker to create a malicious website that, when visited by a user with administrative privileges, automatically sends a POST request using the victim's credentials. QuickCMS lacks any protection against CSRF attacks, leaving all forms within the application potentially vulnerable.

Impact

Exploitation of this vulnerability allows for Cross-Site Request Forgery, where an attacker can perform actions on behalf of a user without their consent, potentially leading to unauthorized changes or data manipulation within the application.

Added: Mar 6, 2026, 11:17 AM

Updated: Mar 6, 2026, 11:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.8

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.8

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenSolution QuickCMS Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating