Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.Referenceshttps://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md
