Fleetcaptain

**Name of the Vulnerable Software and Affected Versions** Chyrp Lite version 2016.04 **Description** The issue allows attackers to hijack the authentication of logged-in users, enabling them to modify account information, including passwords, through a CSRF in the user settings function. **Recommendations** For Chyrp Lite version 2016.04, consider disabling the user settings function temporarily to prevent exploitation until a fix is available. Restrict access to the user settings module to minimize the risk of account information modification. Avoid using the vulnerable function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.