
Haungtongfuo

#15386 of 53,632
17.6 Total CVSS
Vulnerabilities · 2
High
2
PT-2023-12275
8.8
2023-02-03
Imcat · Imcat · CVE-2021-36443
**Name of the Vulnerable Software and Affected Versions**
imcat version 5.4

**Description**
The issue allows remote attackers to escalate privilege via a lack of token verification, which is a result of a Cross Site Request Forgery vulnerability.

**Recommendations**
For imcat version 5.4, consider implementing token verification to prevent Cross Site Request Forgery attacks. As a temporary workaround, restrict access to sensitive operations that could be exploited through this vulnerability until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2023-12276
8.8
2023-02-03
Imcat · Imcat · CVE-2021-36444
**Name of the Vulnerable Software and Affected Versions**
imcat version 5.4

**Description**
A Cross Site Request Forgery (CSRF) issue allows remote attackers to gain escalated privileges. This is due to flaws in one-time token generation on the "add administrator" page.

**Recommendations**
For imcat version 5.4, consider disabling the add administrator functionality until a patch is available to prevent exploitation of the CSRF issue.