idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=delReferenceshttps://github.com/da271133/cms2/blob/main/45/csrf.md