CVE-2020-26522

A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt