pyLoad is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to a missing SameSite attribute for the session cookie. This allows an attacker to perform a Cross-Site Request Forgery (CSRF) attack via an API…Read More