Tuzi · Tuzicms · CVE-2018-10185
Name of the Vulnerable Software and Affected Versions:
TuziCMS version 2.0.6
Description:
TuziCMS is affected by a cross-site request forgery (CSRF) vulnerability that allows an admin account to be added. The issue is demonstrated through a history.pushState call.
Recommendations:
For TuziCMS version 2.0.6, update to a newer version that contains a fix for this issue, if one is available. As a temporary workaround, implement CSRF protection measures to prevent unauthorized actions.
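
One way to implement the temporary workaround, as an added example that is not TuziCMS code: a per-session token plus an Origin check, enforced before any state-changing admin action such as adding an account. It assumes PHP 7.3 or later and an HTTPS admin site; ADMIN_ORIGIN, the _csrf field and all function names are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example, not TuziCMS code. ADMIN_ORIGIN, the "_csrf" field and
// all function names are hypothetical; adapt them to the deployment.
const ADMIN_ORIGIN = 'https://cms.example.test'; // placeholder origin

/** Start the session with a SameSite cookie and return its CSRF token. */
function csrf_token(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true, 'secure' => true]);
        session_start();
    }
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden form field to embed in every admin form that changes state. */
function csrf_field(): string
{
    return '<input type="hidden" name="_csrf" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES) . '">';
}

/** True when Origin (or, failing that, Referer) names the admin site itself. */
function same_origin(array $server): bool
{
    if (isset($server['HTTP_ORIGIN'])) {
        return $server['HTTP_ORIGIN'] === ADMIN_ORIGIN;
    }
    $referer = (string) ($server['HTTP_REFERER'] ?? '');
    return strncmp($referer, ADMIN_ORIGIN . '/', strlen(ADMIN_ORIGIN) + 1) === 0;
}

/** Call csrf_guard($_SERVER, $_POST) first in each state-changing admin handler. */
function csrf_guard(array $server, array $post): void
{
    $sent = $post['_csrf'] ?? '';
    $ok = ($server['REQUEST_METHOD'] ?? '') === 'POST'
        && same_origin($server)
        && is_string($sent)
        && hash_equals(csrf_token(), $sent);
    if (!$ok) {
        http_response_code(403);
        exit('Request rejected: CSRF check failed.');
    }
}
```

A request that arrives without the session's token, from another origin, or by a method other than POST is answered with 403 before the handler runs.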