Ektron CMS versions 9.10 SP1 build 9.1.0.184.1.114 and below suffer from a cross site request forgery vulnerability.