CVE-2019-15229
FUEL CMS 1.4.4 is affected by a CSRF flaw in the Admin console’s blocks/create/Create Blocks section. The vulnerability allows an attacker to trick an administrator into executing arbitrary code by requesting a crafted HTML page. Root cause: CSRF in the blocks/create path. Impact is described as ...