An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.Referenceshttps://gitee.com/mingSoft/MCMS/issues/IM1DA
