CVE-2010-1732

Name of the Vulnerable Software and Affected Versions Zikula Application Framework versions prior to 1.2.3

Description A cross-site request forgery issue exists in the users module, allowing remote attackers to hijack administrator authentication for requests that modify the administrator email address through the updateemail action.

Recommendations For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the users module to minimize the risk of exploitation.