Shimmer

**Name of the Vulnerable Software and Affected Versions** Cscms version 4.1.8 **Description** The issue allows for a CSRF attack on the "admin.php/links/save" endpoint to add, modify, or delete friend links. **Recommendations** For version 4.1.8, update to a newer version that includes a fix for this issue, or as a temporary workaround, consider implementing CSRF protection measures to prevent unauthorized requests to the "admin.php/links/save" endpoint.