idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=closeReferenceshttps://github.com/pangchunyuhack/cms/blob/main/61/csrf.md