DamiCMS · CVE-2018-15844
**Name of the Vulnerable Software and Affected Versions**
DamiCMS version 6.0.0
**Description**
An issue was discovered that allows the administrator account's password to be changed through the API endpoint /admin.php?s=/Admin/doedit because the endpoint is vulnerable to cross-site request forgery (CSRF): a request that carries the logged-in administrator's session is accepted without any proof that it originated from the CMS's own admin interface.
**Recommendations**
For DamiCMS version 6.0.0, consider disabling access to the /admin.php?s=/Admin/doedit endpoint until a patch is available; this prevents exploitation of the CSRF vulnerability at the cost of the password-edit function. At the time of writing there is no information about a newer version that contains a fix for this vulnerability.
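The durable fix for this class of issue is for the password-edit handler to demand proof that the request came from the CMS's own form, not merely a valid session cookie. The PHP below is an added illustration written for this page; it is not DamiCMS code and does not reflect how DamiCMS implements its controllers. The function names, the array layout of the session and request, and the site origin https://cms.example are all this example's own assumptions. It shows a synchronizer-token check (constant-time comparison, token rotated after use) backed by an Origin/Referer check, and runs two constructed requests through the gated handler: a legitimate submission and a forged cross-site POST that carries the session but not the token.

```php
<?php
// Added example, not DamiCMS code: a CSRF gate in front of a password-change
// handler of the kind reached via admin.php?s=/Admin/doedit. All names and
// array layouts here are assumptions made for the illustration.

declare(strict_types=1);

// Mint a fresh per-session token and return it so the admin form can embed it
// as a hidden field. Stored server-side, so a cross-site page cannot read it.
function issue_csrf_token(array &$session): string
{
    $session['csrf_token'] = bin2hex(random_bytes(32));
    return $session['csrf_token'];
}

// Decide whether a state-changing request may proceed.
//   $session     server-side session store for the caller's cookie
//   $request     submitted POST fields
//   $headers     request headers with lower-cased keys
//   $site_origin the CMS's own origin, e.g. https://cms.example
function csrf_request_allowed(array $session, array $request, array $headers, string $site_origin): bool
{
    // 1. The submitted token must exist and equal the session copy. hash_equals
    //    compares in constant time so the check leaks nothing about the token.
    $expected = $session['csrf_token'] ?? '';
    $given    = $request['csrf_token'] ?? '';
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return false;
    }

    // 2. Defence in depth: when the browser sends Origin (or, failing that,
    //    Referer), it must name our own site. A cross-site form post carries
    //    the attacker's origin, so it is rejected here even if a token leaked.
    $origin = $headers['origin'] ?? null;
    if ($origin === null && isset($headers['referer'])) {
        $p = parse_url($headers['referer']);
        if ($p !== false && isset($p['scheme'], $p['host'])) {
            $origin = $p['scheme'] . '://' . $p['host'] . (isset($p['port']) ? ':' . $p['port'] : '');
        }
    }
    if ($origin !== null && strcasecmp($origin, $site_origin) !== 0) {
        return false;
    }
    return true;
}

// The hardened handler: the CSRF gate runs before anything is modified.
function handle_doedit(array &$session, array $request, array $headers, string $site_origin, callable $update_password): string
{
    if (!csrf_request_allowed($session, $request, $headers, $site_origin)) {
        return '403 Forbidden: missing or invalid CSRF token';
    }
    $update_password($session['admin_id'], $request['password']);
    // Rotate the token after a successful use so each token is good for one
    // submission only.
    issue_csrf_token($session);
    return '200 OK: password updated';
}

// --- Demo with constructed requests (no web server needed) ------------------
$site    = 'https://cms.example';
$session = ['admin_id' => 1];
$token   = issue_csrf_token($session);
$store   = [];
$setpw   = function (int $id, string $pw) use (&$store): void { $store[$id] = $pw; };

// Legitimate submission: the form embedded the token, Origin is our own site.
echo handle_doedit($session, ['password' => 'new-pass', 'csrf_token' => $token],
                   ['origin' => $site], $site, $setpw), "\n";

// Forged cross-site POST: the browser attaches the admin's session cookie, but
// the attacker's page cannot read the token and the Origin header is foreign.
echo handle_doedit($session, ['password' => 'attacker-pass'],
                   ['origin' => 'https://evil.example'], $site, $setpw), "\n";
```

Run with `php example.php`: the first request prints the 200 line and updates the stored password; the second prints the 403 line and leaves it untouched. The Origin/Referer check is deliberately secondary: some browsers and proxies strip Referer, so the token remains the primary control and a request with neither header is still judged on the token alone.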