Summary: An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.Published: Tuesday, July 7, 2020 - 22:15cvss: 5.0