Sorry for the late notice of this, but when I reviewed the Scholarship app originally, I missed reporting my note that it didn't have any csrf protection on its forms.
Needs to be added to public application, login form, and the admin forms that update the application's data.
Probably doesn't prevent turning on the site next week, but should get fixed soon.
Version: unspecified
Severity: normal