Posted on

Userscape HelpSpot up to 4.7.1 Endpoint index.php POST Request cross site request forgery

A vulnerability, which was classified as problematic, was found in Userscape HelpSpot up to 4.7.1. Affected is some unknown processing of the file index.php?pg=password.change of the component Endpoint. Upgrading to version 4.7.2 eliminates this vulnerability.