froxlor/froxlor is vulnerable to cross-site request forgery. The vulnerability exists due to the lack of security checks in the deleting api keys in `api_keys.php`, allowing an attacker to delete the api keys with the specified id by redirecting to the api key deletion endpoint through the GET request.Read More