Description
FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2180 Vulnerability (CVE-2021-2180)
WordPress Plugin 301 Redirects-Easy Redirect Manager Security Bypass (2.40)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9859)
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)