Multiple cross-site request forgery (CSRF) vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to perform (1) unspecified actions as administrators via unknown vectors or (2) unspecified actions as arbitrary users via vectors involving the profile page.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0708)