CSRF resulting in adding pet at ███████
Low
M
Mars
Submitted None
Team Summary
Official summary from Mars
An insufficient validation of user-supplied input in the application occurred, allowing a Cross-Site Request Forgery (CSRF) vulnerability. The attacker can forge requests from an external website to add pets to the victim's account on █████████, provided the attacker knows the victim's account ID.
Actions:
Reported by
dr34m14
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-Site Request Forgery (CSRF)