2020-05-20 13:54:08
mitre
PUBLISHED
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.