Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.
zohocorp manageengine log360
zohocorp manageengine log360 5.2