CVE-2020-20693

A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt