Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6.0 allows remote attackers to make administrative modifications via a (1) save or (2) delete action to an unspecified component.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3716)