Security sNews CMS 1.7.1 CSRF / Cross Site Scripting June 20, 2016 007admin Leave a comment sNews CMS version 1.7.1 suffers from cross site request forgery and cross site scripting vulnerabilities.