
Alexandre Herzog

Researcher from Compass Security AG
#40408 of 53,633
6.8 Total CVSS
Vulnerabilities · 1
PT-2013-3859
6.8
2013-12-21
Light Feed · Leed · CVE-2013-2628
**Name of the Vulnerable Software and Affected Versions**

Leed (Light Feed) versions prior to 1.5 Stable

**Description**

Leed's action.php file contains multiple cross-site request forgery (CSRF) vulnerabilities. Because requests are not protected by an anti-CSRF token, remote attackers could hijack the authentication of administrators for unspecified requests.

**Recommendations**

For versions prior to 1.5 Stable, update to version 1.5 Stable or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to prevent CSRF attacks, such as validating request origins and verifying user intentions.