CVE-2018-25168
Precurio Intranet Portal 2.0 contains a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests to the /public/admin/user/submitnew endpoint without CSRF tokens. The issue stems from missing CSRF pro...