Cross-site Request Forgery (CSRF)

CMS Made Simple is vulnerable to cross-site request forgery CSRF attacks. A malicious user can hijack the authentication of admins for requests to create accounts through an admin/adduser.php requests...