Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
CVSS Score
8.1
EPSS Score
0.001
Published
2019-01-24
An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-09-02