Anquanfuwu

**Name of the Vulnerable Software and Affected Versions** sikcms version 1.1 **Description** The issue allows for CSRF via the "admin.php?m=Admin&c=Users&a=userAdd" endpoint to add an administrator account. **Recommendations** For version 1.1, as a temporary workaround, consider disabling access to the "admin.php?m=Admin&c=Users&a=userAdd" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.