Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.Referenceshttp://jvn.jp/en/jp/JVN66828183/index.htmlhttp://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txthttp://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html
