DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.phpReferenceshttps://github.com/777erp/cms/blob/main/2.md
