API Security Blog

Add any thoughts via CSRF

# Description
An attacker can add arbitrary thoughts to a victim's account via a CSRF attack.

When the attacker sends a link to the victim and the victim clicks it, the attacker's chosen thoughts are added to the victim's account.

# Proof of Concept

1- The attacker adds a thought from their own account and intercepts the resulting request.

2- Use that request to generate a CSRF PoC.

# POC

https://drive.google.com/file/d/11Hec1H-61UpoOLVi55uWRpLBUMLVjRbi/view?usp=share_link

# Some sources on fixing CSRF

Add a CSRF token

https://www.freecodecamp.org/news/csrf-protection-problem-and-how-to-fix-it

https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
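To make the recommended fix concrete, here is an added example (not code from the report or from the affected application) of the synchronizer token pattern the OWASP cheat sheet describes, applied to a hypothetical "add thought" endpoint. The endpoint path, the `Session` object, the `ALLOWED_ORIGIN` value and the request/form dictionaries are all assumptions standing in for whatever framework the real application uses. The vulnerable handler at the top reflects the behaviour the report describes (no token check); the hardened handler embeds a per-session random token in the form and rejects any POST that does not carry it, with an Origin/Referer check as defense in depth.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Hypothetical origin of the application; a real deployment would configure this.
ALLOWED_ORIGIN = "https://app.example"


@dataclass
class Session:
    """Stand-in for the server-side session of a logged-in user (assumption)."""
    user: str
    # Per-session random token; a cross-site page cannot read it, so it cannot forge it.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))
    thoughts: list = field(default_factory=list)


def vulnerable_add_thought(session, form, headers):
    """The flaw as reported: the POST is trusted on the basis of the session cookie alone,
    so a form auto-submitted from any other site succeeds."""
    session.thoughts.append(form.get("text", ""))
    return 201, "thought added"


def render_add_thought_form(session):
    """Embed the session's token as a hidden field in the legitimate form."""
    return (
        '<form method="post" action="/thoughts/add">'
        f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'
        '<textarea name="text"></textarea>'
        "<button>Add thought</button></form>"
    )


def _same_origin(url):
    """Compare scheme and host of an Origin/Referer value against the allowed origin."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}" == ALLOWED_ORIGIN


def add_thought(session, form, headers):
    """Hardened handler for POST /thoughts/add. Returns (status_code, message)."""
    # Defense in depth: if the browser sent an Origin or Referer, it must match our site.
    # (Requests with neither header are allowed through here so that the token remains
    # the decisive control; stricter deployments may reject them outright.)
    source = headers.get("Origin") or headers.get("Referer")
    if source is not None and not _same_origin(source):
        return 403, "cross-site request rejected"

    # Primary control: the submitted token must equal the session's token.
    # hmac.compare_digest avoids leaking the token through timing differences.
    submitted = form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, session.csrf_token):
        return 403, "missing or invalid CSRF token"

    text = form.get("text", "").strip()
    if not text:
        return 400, "empty thought"
    session.thoughts.append(text)
    return 201, "thought added"


if __name__ == "__main__":
    s = Session(user="victim")
    # Constructed cross-site request: no token, foreign Origin.
    print(add_thought(s, {"text": "forged"}, {"Origin": "https://attacker.example"}))
    # Constructed legitimate request carrying the token from the rendered form.
    print(add_thought(s, {"text": "mine", "csrf_token": s.csrf_token}, {"Origin": ALLOWED_ORIGIN}))
    print(s.thoughts)
```

The token must be unpredictable, tied to the session, and never accepted from a cookie alone; pairing it with a `SameSite=Lax` or `Strict` attribute on the session cookie closes the remaining gap for browsers that honour it.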
