PT-2021-11583 · Seacms · Seacms

Published: 2021-08-17 · Updated: 2021-08-25 · CVE-2020-28846

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SeaCMS version 10.7
Description: A Cross Site Request Forgery (CSRF) issue exists in the admin manager.php file, which could allow a malicious user to add an admin account. This could potentially lead to unauthorized access and control of the system.
Recommendations: For SeaCMS version 10.7, consider disabling access to the admin manager.php file until a patch is available to prevent exploitation of the CSRF vulnerability. Restricting access to this file can help minimize the risk of adding unauthorized admin accounts.

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2020-28846

Affected Products

Seacms