| Titel | unitecms oasys 1.0 Unauthorized |
|---|
| Beschreibung | By utilizing the user's login status, a forged request is sent to the target website without the user's knowledge. Attackers usually place malicious code on third-party websites. When users visit the website, the malicious code will automatically send fake requests to the target website, thereby achieving the purpose of the attack. XS and CSS can also be combined to achieve more influential attacks. |
|---|
| Quelle | ⚠️ https://github.com/misstt123/oasys/issues/11 |
|---|
| Benutzer | moyu666 (UID 83894) |
|---|
| Einreichung | 08.04.2025 11:35 (vor 1 Jahr) |
|---|
| Moderieren | 16.04.2025 03:21 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 304976 [misstt123 oasys 1.0 Sticky Notes Cross Site Request Forgery] |
|---|
| Punkte | 19 |
|---|