An issue was discovered in HYBBS 2.2. /?admin/user.html has a CSRF vulnerability that can add an administrator account.Referenceshttps://github.com/hyyyp/HYBBS2/issues/3
