2025-03-05 00:00:00
mitre
PUBLISHED
Cross Site Request Forgery (CSRF) vulnerability exists in the pvmsg.php?action=add_message, pvmsg.php?action=confirm_delete , and ajax.server.php?page=user&action=flip_follow endpoints in Ampache <= 6.6.0.