CVE-2018-20780 admin 6년 ago CVE-2018-20780 Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1). Source: CVE-2018-20780