Faveo Cross-Site Request Forgery Vulnerability

Faveo is an open source , based on the Laravel framework of the ticket management system . A cross-site request forgery vulnerability exists in public/rolechangeadmin in Faveo version 1.9.3. A remote attacker can exploit this vulnerability to gain administrator privileges...

CVE-2017-7571

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...