CVE-2018-1000137

Name of the Vulnerable Software and Affected Versions: I, Librarian versions 4.8 and earlier

Description: The issue is related to a Cross Site Request Forgery (CSRF) vulnerability. This vulnerability is located in the users.php file and can lead to the admin's password being changed without their knowledge.

Recommendations: For versions 4.8 and earlier, update to a version that contains a fix for this issue to prevent unauthorized password changes. As a temporary workaround, consider restricting access to the users.php file to minimize the risk of exploitation.