CVE-2018-1000137
Published
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrator's knowledge.
Legacy I, Librarian - collaborative PDF manager. Not maintained, new version is at https://github.com/mkucej/i-librarian-free
GitHub