CSRF Vulnerability on post creation page /community/create-post.json

In this report the researcher demonstrated how to exploit a CSRF vulnerability on the impacted endpoint. This would allow a remote attacker to spam the community boards as other users. This attack only worked in Chrome browsers. A recent update to Chrome changed how cross-origin requests are handled, and as a result this attack is no longer exploitable in modern browsers.