EIP-2026-113442

This exploit demonstrates a CSRF vulnerability in Windu CMS 2.2 that allows an attacker to add an admin user via a crafted HTML form. It also includes proof-of-concept code for multiple persistent XSS vulnerabilities in the same software.