CVE-2019-6779
CVE-2019-6779 affects CSCMS 4.1.8. The vulnerability is a CSRF flaw on the admin.php/links/save endpoint, enabling an attacker to add, modify, or delete friend links without providing proper authorization. Root cause stated is lack of CSRF protection on that admin action; exploitation details are...