CVE-2018-20015
YzmCMS 5.2 contains a CSRF vulnerability in admin/role/add.html. The CVE entry notes a CSRF weakness with a CVSSv3 base score of 8.8 (HIGH). Attack vector is NETWORK, with no privileges required, but user interaction is required, and impacts are HIGH for confidentiality, integrity, and availabili...