| शीर्षक | BootDo Web V1.0 CSRF |
|---|
| विवरण | During the security review of "BootDo",I discovered a critical CSRF injection vulnerability in the "UserController.java" file.
The save method do not impose restrictions on CSRF attacks, resulting in CSRF attacks
Attackers can exploit this CSRF vulnerability to achieve unauthorized actions on behalf of the user, such as modifying account settings, making unauthorized transactions, or accessing sensitive user data without their consent. This can lead to serious breaches of user privacy, financial loss, and a loss of trust in the system, posing a significant threat to both user security and the overall integrity of the application. |
|---|
| स्रोत | ⚠️ https://github.com/webzzaa/CVE-/issues/6 |
|---|
| उपयोगकर्ता | Tom132432 (UID 85670) |
|---|
| सबमिशन | 20/01/2026 05:07 AM (5 महीनों पहले) |
|---|
| संयम | 03/02/2026 04:29 PM (14 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 344028 [lcg0124 BootDo तक e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb क्रॉस साइट रिक्वेस्ट फॉर्जरी] |
|---|
| अंक | 19 |
|---|