CVE-2022-43031

DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt