flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php.Referenceshttps://github.com/Carl0724/cms/blob/main/2.md
