One of the features available to a Chaturbate user is the ability to upload images into photo sets. The upload functionality does not use any CSRF tokens, allowing attackers to perform CSRF attacks and upload images to a user's profile without the user's consent.
setID of the newly created set (this is available by visiting set in the profile page. It'll be in the URL :
poc.htmlby replacing the number
setID found at step #3.
You'll notice that the photo set now inludes an additional image (a blank/white image).
In order for this attack to work, an attacker would need to know the correct photo set ID. Since set IDs are public information, this isn't an issue.
I've set the impact here to medium since this affects the integrity of user accounts.