Shuosheng

**Name of the Vulnerable Software and Affected Versions** BOSSCMS version 3.10 **Description** The issue is related to Cross Site Request Forgery (CSRF) in the `head code` or `foot code` parameters. This means an attacker could potentially trick a user into performing unintended actions on the web application. **Recommendations** For BOSSCMS version 3.10, as a temporary workaround, consider restricting access to the `head code` and `foot code` parameters until a patch is available. Avoid using these parameters in sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.