Description
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.
Remediation
References
Related Vulnerabilities
WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)
WordPress Plugin Wordpress Forms Multiple Vulnerabilities (0.2.7.1)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)
WordPress Plugin Oleggo LiveStream Cross-Site Scripting (0.2.6)
WordPress Plugin WP Popups-WordPress Popup builder Cross-Site Scripting (2.1.4.6)