Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /save_settings.phpReferenceshttps://github.com/kilooooo/cms/blob/main/1.md
