Cllmsyko

**Name of the Vulnerable Software and Affected Versions** YzmCMS version 6.3 **Description** The issue is related to Cross Site Request Forgery (CSRF) in the "/admin.add" API endpoint. This means an attacker could potentially trick a user into performing unintended actions on the web application. **Recommendations** For YzmCMS version 6.3, consider implementing proper CSRF token validation to prevent unauthorized requests to the "/admin.add" endpoint. As a temporary workaround, restrict access to the "/admin.add" endpoint until a proper fix is applied.