Description
Episerver CMS is an ASP.NET web content management system and digital marketing suite.
Ektron CMS 9.20 SP2 (and older versions) allows remote attackers to access administrative pages such as /WorkArea/activateuser.aspx without authentication by faking the Referer HTTP header.
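The flaw class behind this advisory is an authorization decision that trusts a client-supplied header. The following is an added illustration for this page, not Ektron or Episerver code: a minimal request model with a flawed check that treats the Referer header as proof the caller came through the admin UI, the hardened check that derives authorization only from server-side session state, and a defender-side heuristic that flags admin-page requests carrying a Referer but no authenticated session. The function names, the `Request`/`User` types and the "Administrators" role are assumptions; the admin path is the one named in the description.

```python
"""Referer-based vs. session-based authorization (added example).

Not Ektron/Episerver code. The request model, function names and the
"Administrators" role name are assumptions for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional

# Path taken from the advisory text; other admin pages would be listed here too.
ADMIN_PATHS = {"/WorkArea/activateuser.aspx"}


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset


@dataclass
class Request:
    path: str
    headers: dict = field(default_factory=dict)
    # Filled in by the server from its own session store; None = anonymous.
    session_user: Optional[User] = None


def vulnerable_authorize(req: Request) -> bool:
    """Flawed pattern: a Referer pointing into the admin area is taken as
    evidence the caller already passed the admin login. The header is set
    by the client, so this grants access to any request that carries it."""
    referer = req.headers.get("Referer", "")
    return "/WorkArea/" in referer


def hardened_authorize(req: Request) -> bool:
    """Correct pattern: the decision uses only server-side session state and
    the role attached to it. Client headers play no part."""
    user = req.session_user
    return user is not None and "Administrators" in user.roles


def flag_suspicious(req: Request) -> bool:
    """Detection heuristic for access logs or a request filter: an admin page
    requested without an authenticated session, while still presenting a
    Referer that claims an admin-area origin."""
    referer = req.headers.get("Referer", "")
    return (
        req.path in ADMIN_PATHS
        and req.session_user is None
        and "/WorkArea/" in referer
    )


def evaluate(req: Request) -> dict:
    """Run all three checks so the difference is visible side by side."""
    return {
        "vulnerable_allows": vulnerable_authorize(req),
        "hardened_allows": hardened_authorize(req),
        "suspicious": flag_suspicious(req),
    }


# Constructed sample requests (not captured traffic).
ANON_WITH_FORGED_REFERER = Request(
    path="/WorkArea/activateuser.aspx",
    headers={"Referer": "https://cms.example.test/WorkArea/"},
)
ADMIN_SESSION = Request(
    path="/WorkArea/activateuser.aspx",
    headers={"Referer": "https://cms.example.test/WorkArea/"},
    session_user=User("alice", frozenset({"Administrators"})),
)
EDITOR_SESSION = Request(
    path="/WorkArea/activateuser.aspx",
    headers={},
    session_user=User("bob", frozenset({"Editors"})),
)

if __name__ == "__main__":
    for label, req in [
        ("anonymous + forged Referer", ANON_WITH_FORGED_REFERER),
        ("admin session", ADMIN_SESSION),
        ("editor session", EDITOR_SESSION),
    ]:
        print(f"{label:28s} {evaluate(req)}")
```

The anonymous request with a forged Referer is the case the advisory describes: the Referer-based check admits it, the session-based check rejects it, and the heuristic flags it. The same checks show that the hardened version still admits a genuine administrator and still rejects a logged-in user without the admin role, so the fix does not simply break the page for everyone.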
Remediation
Upgrade to the latest version of Ektron CMS. This vulnerability was patched with EKTR-508 (Security enhancement for re-enabling a user).
References
Related Vulnerabilities
WordPress Plugin User Rights Access Manager Security Bypass (1.0.5)
WordPress Plugin YITH WooCommerce Brands Add-On Security Bypass (1.3.6)
WordPress Plugin Alphabetic Pagination Security Bypass (3.0.7)
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19)
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.6.11)