Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.Referenceshttps://github.com/sota70/teedy-v1.11-csrfhttps://blog.teedy.io/https://github.com/sismics/docs/releases/tag/v1.11
