An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.Referenceshttps://github.com/Neeke/HongCMS/issues/1
