Wisec

**Name of the Vulnerable Software and Affected Versions** PHP-Nuke versions 8.0 and earlier **Description** The issue concerns a problem with cross-site request forgery (CSRF) protection. It does not properly validate the HTTP REFERER, allowing remote attackers to conduct CSRF attacks. **Recommendations** For PHP-Nuke versions 8.0 and earlier, ensure the SERVER superglobal is validated as an array before checking the HTTP REFERER to prevent CSRF attacks.