idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.
[
{
"cpes": [
"cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*"
],
"vendor": "idccms",
"product": "idccms",
"versions": [
{
"status": "affected",
"version": "1.35"
}
],
"defaultStatus": "unknown"
}
]