DedeCMS v5.7 exists to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php.