CSRF Vulnerability in JEECMS 9.3 Allows Unauthorized User Addition

AV:N/AC:M/AU:N/C:P/I:P/A:P

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.