TestLink v1.9.20 exists to contain a Cross-Site Request Forgery (CSRF) via /lib/plan/planView.php.
testlink testlink 1.9.20