BirdBlog version 1.4.0 suffers from a cross site request forgery vulnerability.