Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attackers to perform actions as administrators, as demonstrated by inserting an XSS sequence into a document.Referenceshttp://secunia.com/advisories/29651http://www.mrzayas.es/2008/04/07/xsrf-en-nuke-et-3x/https://exchange.xforce.ibmcloud.com/vulnerabilities/41851
