DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php.Referenceshttps://github.com/Fishkey1/cms/tree/mainhttps://github.com/Fishkey1/cms/commit/e9d294951ab2dd85709f1d12ad4747f25d326b1b