DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 40.7%