MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.Referenceshttps://www.sevenlayers.com/index.php/240-myt-project-management-1-5-1-csrf
