Seacms · Seacms · CVE-2023-43278
**Name of the Vulnerable Software and Affected Versions**
Seacms versions up to v12.8
**Description**
A Cross-Site Request Forgery (CSRF) in admin manager.php allows attackers to arbitrarily add an admin account.
**Recommendations**
For Seacms versions up to v12.8, update to a version later than v12.8 to resolve the issue.
As a temporary workaround, consider restricting access to the admin manager.php file until a patch is available.