CVE-2021-30224

Critical 8.8

Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers to create an admin user with an arbitrary credentials.

Published April 29, 2021.