| Title | ZHENFENG13 https://github.com/ZHENFENG13/My-Blog <=1.0.0 CSRF |
|---|
| Description | The application has no CSRF protection, allowing attackers to leverage CSRF to launch various attacks against admin users. Particularly when combined with XSS vulnerabilities, this would enable attackers to target both frontend users and admin users. |
|---|
| Source | ⚠️ https://github.com/ZHENFENG13/My-Blog/issues/145 |
|---|
| User | ZAST.AI (UID 87884) |
|---|
| Submission | 07/26/2025 18:26 (9 months ago) |
|---|
| Moderation | 08/08/2025 10:35 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 319235 [zhenfeng13 My-Blog up to 1.0.0 /admin/tags/save tagName cross-site request forgery] |
|---|
| Points | 16 |
|---|