Compromise complete application with CSRF attack

List of vulnerabilities that helped in exploitation

  1. No email verification
  2. Improper validation on the server side (email update)
  3. No Cross-Site Request Forgery protection (anti-CSRF token missing)

Security Researcher | OSCP

Vaibhav Joshi
