CVE-2017-12792
CVE-2017-12792 affects NexusPHP 1.5. Multiple CSRF vulnerabilities enable remote attackers to hijack administrator sessions by issuing requests that trigger XSS via the linkname, url, or title parameters in an add action to linksmanage.php. Root cause: CSRF in NexusPHP 1.5; impact stated as hijac...