| Название | code-projects School Fees Payment System 1.0 Cross-Site Request Forgery |
|---|
| Описание | During security assessment of "School Fees Payment System", a CSRF vulnerability was discovered in all functionalities that modify the system status and user data. The system lacks CSRF protection mechanisms, enabling attackers to forge malicious requests that execute privileged actions via authenticated victims' browsers. Immediate implementation of anti-CSRF measures is required to prevent unauthorized operations. |
|---|
| Источник | ⚠️ https://github.com/tuooo/CVE/issues/15 |
|---|
| Пользователь | DS_Leo (UID 86084) |
|---|
| Представление | 14.06.2025 12:37 (10 месяцы назад) |
|---|
| Модерация | 19.06.2025 12:34 (5 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 313336 [code-projects School Fees Payment System 1.0 подделка межсайтовых запросов] |
|---|
| Баллы | 19 |
|---|