Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote malicious users to hijack the authentication of admins for requests that add admin accounts via an admin.newuser action to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
flyspray flyspray 0.9.9.6 |