CVE-2015-6545

Name of the Vulnerable Software and Affected Versions Cerb versions prior to 7.0.4

Description A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action in the ajax.php file.

Recommendations For versions prior to 7.0.4, update to version 7.0.4 or later to resolve the issue.