2018-03-23 21:00:00
mitre
PUBLISHED
I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrators knowledge.