Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let a malicious user delete a video message.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18463
Reference (s):
- https://github.com/Richard1266/aikcms/issues/2