VYPR
Unrated severityNVD Advisory· Published Jun 18, 2015· Updated Jun 17, 2026

CVE-2015-4659

CVE-2015-4659

Description

Cross-site request forgery (CSRF) vulnerability in ClickHeat 1.14 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a config action to index.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.