CVE-2015-2259: UliCMS index.php cross-site request forgery
CVE-2015-2259 affects UliCMS via the index.php script, where improper validation enables a CSRF condition. An authenticated user visiting a crafted site could be forced to perform actions that add an administrator account, with potential for cross-site scripting and Web cache poisoning. The descr...