CVE-2018-7733
CVE-2018-7733 affects YxtCMF 3.1. The root cause is a CSRF vulnerability in RbacController.class.php, demonstrated by modifying an administrator account via index.php/admin/user/add_post.html. This CSRF flaw could allow an attacker to alter admin information without proper authorization. The conn...