Enviar #623479: ZHENFENG13 https://github.com/ZHENFENG13/My-Blog <=1.0.0 CSRFinformación

TítuloZHENFENG13 https://github.com/ZHENFENG13/My-Blog <=1.0.0 CSRF
DescripciónThe application has no CSRF protection, allowing attackers to leverage CSRF to launch various attacks against admin users. Particularly when combined with XSS vulnerabilities, this would enable attackers to target both frontend users and admin users.
Fuente⚠️ https://github.com/ZHENFENG13/My-Blog/issues/145
Usuario
 ZAST.AI (UID 87884)
Sumisión2025-07-26 18:26 (hace 9 meses)
Moderación2025-08-08 10:35 (13 days later)
EstadoAceptado
Entrada de VulDB319235 [zhenfeng13 My-Blog hasta 1.0.0 /admin/tags/save tagName falsificación de solicitudes en sitios cruzados]
Puntos16

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!