CVE-2015-2680

Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php.

Date published : 2015-03-23

http://www.securityfocus.com/bid/73299

http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17