CVE-2024-46610 | Thecosy IceCMS up to 3.4.7 POST Request UserController.java ChangeUser username/password access control
A vulnerability classified as problematic has been found in Thecosy IceCMS up to 3.4.7. Affected is the function ChangeUser of the file UserController.java of the component POST Request Handler. The manipulation of the argument username/password leads …