A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions.Referenceshttps://www.openwall.com/lists/oss-security/2011/08/19/13
