PT-2018-9924 · Baijia · Baijiacms
Published: 2018-04-27 · Updated: 2019-12-03 · CVE-2018-10503
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
baijiacms V4 version v4 1 4 20170105
Description:
An issue in index.php allows for CSRF attacks, enabling unauthorized actions such as adding an administrator account via "op=edituser", changing the administrator password via "op=changepwd", or deleting an account via "op=deleteuser".
Recommendations:
For baijiacms V4 version v4 1 4 20170105, consider implementing CSRF protection measures to prevent unauthorized actions, such as validating user requests and ensuring that sensitive operations like adding, modifying, or deleting accounts require proper authentication and authorization.
Exploit
Fix
CSRF
Weakness Enumeration
Related identifiers
Affected products
Baijiacms