Udemy s3 storage can be used by an attacker personal website because of missing CSRF Token
U
Udemy
Submitted None
Team Summary
Official summary from Udemy
The report was about a staging S3 bucket where we allow any file to be uploaded and then further process it from there. It was closed as informative because there is no security risk associated with it.
Actions:
Reported by
csanuragjain
Report Details
Additional information and metadata
State
Closed
Substate
Informative
Submitted
Weakness
Cross-Site Request Forgery (CSRF)