Posted on Leave a comment

CVE-2018-20780

Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1).

Leave a Reply

Your email address will not be published. Required fields are marked *