source: https://www.securityfocus.com/bid/67291/info TOA is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. TOA 2.5.6 is vulnerable; other versions may also be affected.