CSRF allows attacker to post on behalf of victim

# Description

Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks explo ...

An attacker can be post message in other memos page

# Description

An attacker can post malicious content to another user's memos page via a POST request; the attacker just adds a `creatorID` to the request body and sends it with Burp Suite. **Here is video poc* ...

Cross Site Request Forgery in Create a Memo Functionality (POST /api/memo)

# Description

I have discovered a CSRF vulnerability in Memos, in the Create a Memo functionality (POST /api/memo). I have identified that it is possible to manipulate the actions of authenticated users b ...

CSRF to add shortcuts to victim account

# Description

Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks explo ...

CSRF to change user language preferences

# Description

Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks explo ...

Cross-Site Request Forgery (CSRF) in Add Users

# Description

Hello Team, the Create a member functionality is vulnerable to CSRF attack. By exploiting the CSRF vulnerability, an attacker can add new Members.

POC video: https://drive.google.co ...

Add any thoughts via CSRF

# Description

An attacker can add any user thoughts via a CSRF attack. When you send a link to the victim and they click on it, any thoughts will be added.

# Proof of Concept

1- When the attacker adds any t ...

CSRF allows attacker trigger admin add HOST user lead to takeover memos application

# Description

This vuln allows an attacker to trigger an admin into submitting a malicious request to create a new user with any role.

# Proof of Concept

1. Attacker creates a malicious script with a CSRF payload and uplo ...
