CVE-2020-26522

A cross-site request forgery CSRF vulnerability in mod/user/actuser.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts...