CVE-2015-4677

FiverrScript 7.2 is affected by a cross-site request forgery (CSRF) vulnerability that lets an attacker hijack an administrator’s session to create a new admin via the administrator/admins_create.php endpoint. The root cause is CSRF in the admin-creation flow, enabling unauthorized actions in the...