CVE-2018-15206 (smartvista)

BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.
Source: NIST
CVE-2018-15206 (smartvista)