CVE-2024-46911 Apache Roller: Weakness in CSRF protection allows privilege escalation
Cross-site Resource Forgery CSRF, Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content and this combined with a deficiency in Roller's CSRF protections allowed an escalation of privileges...