Pbootcms · Pbootcms · CVE-2020-20971
**Name of the Vulnerable Software and Affected Versions**
PbootCMS version 2.0.3
**Description**
A Cross-Site Request Forgery (CSRF) issue exists that allows unauthorized actions to be performed. The issue is exploited via the "/admin.php?p=/User/index" API endpoint.
**Recommendations**
For PbootCMS version 2.0.3, consider implementing proper CSRF token validation to prevent unauthorized requests. As a temporary workaround, restrict access to the "/admin.php?p=/User/index" endpoint until a patch is available.
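The CSRF token validation recommended above can look like the following sketch. It is an added example, not PbootCMS code: the function names, the `csrf_token` field name and the sample request data are assumptions, and the session is passed as a plain array so the script runs from the PHP command line.

```php
<?php
declare(strict_types=1);

// Added example, not PbootCMS code. Function names and the "csrf_token"
// field name are assumptions made for illustration.

/** Create (once per session) and return the token to embed in admin forms. */
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/** Decide whether a request to an admin action may proceed. */
function csrf_request_allowed(array $session, string $method, array $post): bool
{
    // Safe methods must not change state, so they need no token.
    if (in_array(strtoupper($method), ['GET', 'HEAD', 'OPTIONS'], true)) {
        return true;
    }
    $expected  = $session['csrf_token'] ?? '';
    $submitted = $post['csrf_token'] ?? '';
    // Reject missing tokens and non-string input (e.g. csrf_token[]=x).
    if (!is_string($expected) || !is_string($submitted) || $expected === '') {
        return false;
    }
    // Constant-time comparison avoids leaking the token through timing.
    return hash_equals($expected, $submitted);
}

// Constructed sample requests against the endpoint named in the advisory.
$session = [];
$token   = csrf_issue_token($session);
$cases = [
    'form post with token'      => ['POST', ['username' => 'editor', 'csrf_token' => $token]],
    'cross-site post, no token' => ['POST', ['username' => 'editor']],
    'post with wrong token'     => ['POST', ['csrf_token' => str_repeat('0', 64)]],
    'array-typed token'         => ['POST', ['csrf_token' => [$token]]],
    'read-only page view'       => ['GET',  []],
];
foreach ($cases as $label => [$method, $post]) {
    $verdict = csrf_request_allowed($session, $method, $post) ? 'allow' : 'reject 403';
    printf("%-28s %s /admin.php?p=/User/index -> %s\n", $label, $method, $verdict);
}
```

The check only protects actions that are accepted on POST alone; any state-changing admin action that also works over GET bypasses it and must be refused on that method.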