CVE-2013-5748

Name of the Vulnerable Software and Affected Versions SimpleRisk versions prior to 20130916-001

Description A cross-site request forgery issue exists, allowing remote attackers to hijack user authentication for requests that add projects via an add project action in the management/prioritize planning.php file.

Recommendations For versions prior to 20130916-001, update to version 20130916-001 or later to resolve the issue.