Submit #549011: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Cross-Site Request Forgery

Title: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Cross-Site Request Forgery
Description: The /user/updateSet interface of Admintwo 1.0 does not implement a CSRF protection mechanism, which enables attackers to construct malicious pages that trick logged-in users into performing unexpected operations that modify user data.
Source: https://github.com/caigo8/CVE-md/blob/main/admintwo/CSRF.md
User: Caigo (UID 81287)
Submission: 04/02/2025 05:40 (1 Year ago)
Moderation: 04/04/2025 09:35 (2 days later)
Status: Accepted
VulDB entry: 303327 [xujiangfei admintwo 1.0 /user/updateSet cross-site request forgery]
Points: 16
