jizhicms v2.3.1 has a vulnerability, Cross-site request forgery(CSRF)

version：v2.3.1
![image](https://user-images.githubusercontent.com/60609675/179764274-4b95effb-b33e-4508-ae85-77d1107f0f56.png)
The issue in the background - > User Management - > administrator list
![image](https://user-images.githubusercontent.com/60609675/179764533-82a16b97-28a7-4689-9cab-fda210224a48.png)
add a administrator and grab a package.
![image](https://user-images.githubusercontent.com/60609675/179764737-888bd574-8a1d-4eb2-8250-640826b59d7e.png)
![image](https://user-images.githubusercontent.com/60609675/179764770-dafd9ab6-4467-4850-be46-979007300ba2.png)
use CSRF poc and drop the package.
![image](https://user-images.githubusercontent.com/60609675/179764919-de7716d6-6207-4aae-93fd-7ebe9b2b4f8f.png)
![image](https://user-images.githubusercontent.com/60609675/179765049-988c72b6-98e1-4a60-b6bb-f2b8ef91971e.png)
submit 
![image](https://user-images.githubusercontent.com/60609675/179765104-670dd49c-917f-47c8-9d06-ab16a6813226.png)
![image](https://user-images.githubusercontent.com/60609675/179765254-25bec4b9-98a8-4173-85d3-d86f2a0de5cc.png)
Super administrator added successfully
![image](https://user-images.githubusercontent.com/60609675/179765347-54f1c98e-c220-4f05-ad71-38f1f3b69bc2.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

jizhicms v2.3.1 has a vulnerability, Cross-site request forgery(CSRF) #77

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development