HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.Referenceshttps://github.com/albandes/helpdezk/issues/2http://www.securityfocus.com/bid/97484https://www.exploit-db.com/exploits/41824/http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html
