Chyrp Lite 2016.04 - Cross-Site Request Forgery in User Settings
Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password.