Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote attackers to hijack the authentication of logged administrators to 1 add an administrator user via a crafted POST request to...