|Number of vulnerabilities||1|
|CWE ID|| CWE-352
|Public exploit||Not available|
|Vulnerable software versions||
The vulnerability allows a remote attacker to perform CSRF attack.
The vulnerability exists due to absent validation of the request origin when performing certain database operations, such as deleting records or altering/truncating data in tables. A remote attacker can create a specially crafted web page, trick the victim into opening it and perform CSRF attack.
Update to version 4.7.7.External links