FormCraft <= 1.2.1 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability

Unauthenticated

Published
2019-03-12

Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page.

CVE

https://www.cve.org/CVERecord?id=CVE-2019-5920

CVSS

Score:8.8

Severity:High

Version: 1.2.1

There is a patch available in v1.2.2 and we strongly recommend you update to this version as soon as possible.