Porhai Eung

**Name of the Vulnerable Software and Affected Versions** Creatiwity wityCMS version 0.6.2 **Description** A CSRF issue exists in the admin/user/edit endpoint of Creatiwity wityCMS, allowing an attacker to take control of a user account by modifying the account's email field. **Recommendations** For Creatiwity wityCMS version 0.6.2, as a temporary workaround, consider implementing CSRF protection measures to prevent exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.