Launchpad.net

CVE 2016-4887

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

See the CVE page on Mitre.org for more details.

References