CVE-2018-15682

Name of the Vulnerable Software and Affected Versions BTITeam XBTIT (affected versions not specified)

Description An issue was discovered due to a lack of cross-site request forgery protection, making it possible to automate the action of sending private messages to users by luring an authenticated user to a web page that automatically submits a form on their behalf.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.