Pimcore CMS version 3.0.5 suffers from a cross site request forgery vulnerability.