Submit #549011: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Cross-Site Request Forgery

Title: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Cross-Site Request Forgery
Description: The /user/updateSet interface of Admintwo 1.0 does not implement a CSRF protection mechanism, which enables attackers to construct malicious pages that trick logged-in users into performing unexpected operations that modify user data.
Source: ⚠️ https://github.com/caigo8/CVE-md/blob/main/admintwo/CSRF.md
User: Caigo (UID 81287)
Submission: 02.04.2025 05:40 (1 year ago)
Moderation: 04.04.2025 09:35 (2 days later)
Status: Accepted
VulDB entry: 303327 [xujiangfei admintwo 1.0 /user/updateSet Cross Site Request Forgery]
Points: 16
