Sharpforce

**Name of the Vulnerable Software and Affected Versions** Yuba u5cms version 8.3.5 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) in the `savepage.php` component, allowing attackers to execute arbitrary code. **Recommendations** For Yuba u5cms version 8.3.5, consider restricting access to the `savepage.php` component until a patch is available. As a temporary workaround, disabling the execution of arbitrary code in this component may help mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.