CVE-2021-45017

Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html file containing CSRF on the website that uses a google editor; you can specify the menu url address as your malicious url address in the Add Menu column. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt