CVE-2011-5300

Name of the Vulnerable Software and Affected Versions poMMo Aardvark PR16.1

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators for requests that modify credentials via certain admin parameters.

Recommendations For poMMo Aardvark PR16.1, consider disabling access to the admin/setup/config/users.php file until a patch is available to prevent exploitation of the CSRF vulnerability. Restrict access to the admin parameters in the affected file to minimize the risk of credential modification.