CVE-2018-10295by Jeremyin Security Bulletinson Posted on April 22, 2018 ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.