CVE-2018-18422by Jeremyin Security Bulletinson Posted on October 17, 2018 UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI.