5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.2%
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
github.com/tifaweb/Dswjcms/issues/6