CSRF Vulnerability in I, Librarian Version 4.8 and Earlier Allows Unauthorized Password Changes
CVE-2018-1000137 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrator's knowledge.
Learn more about our User Device Pen Test.