# Affected software: x2 engine # Type of vulnerability: csrf # URL: http://demo.x2engine.com # Discovered by: Provensec # Website: http://www.provensec.com #version :*X2Engine 5.0.4 Platinum Edition* # Proof of concept x2 engine was not using any csrf token which causes a csrf issue which an attacker can use to send emails