PT-2013-3859 · Light Feed · Leed

Alexandre Herzog · Published 2013-12-21 · Updated 2013-12-23 · CVE-2013-2628

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Leed (Light Feed) versions prior to 1.5 Stable

Description: The issue is related to multiple cross-site request forgery (CSRF) vulnerabilities in the action.php file. These vulnerabilities could allow remote attackers to hijack the authentication of administrators for unspecified requests due to the lack of an anti-CSRF token.

Recommendations: For versions prior to 1.5 Stable, update to version 1.5 Stable or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to prevent CSRF attacks, such as validating request origins and verifying user intentions.

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2013-2628

Affected Products

Leed