Lucene search
Thanhlam-attt8B93C7BF-5052-424A-85CC-7E5491C61F20HistoryOct 09, 2023 - 5:53 a.m.
Cross-Site Request Forgery (CSRF) in
2023-10-0905:53:18
thanhlam-attt
www.huntr.dev
9
csrf
vulnerability
participant permissions
edit assignment
bugbounty
Description
CSRF led to change permissions of participant in Edit Assignment sessions.
Proof of Concept
Payload: https://drive.google.com/file/d/1dHY9CS6R4mKM4F0im5n1aUxFamMEjbAa/view?usp=sharing
Video PoC: https://drive.google.com/file/d/1AdDFE_-qOF-EvVEJzzXKguMfr6ZkXXEx/view?usp=drive_link
Related
prion
prion
Cross site request forgery (csrf)
2023-11-07 04:24:00
osv
osv
CVE-2023-5902
2023-11-07 04:24:32
nvd
nvd
CVE-2023-5902
2023-11-07 04:24:32
cve
cve
CVE-2023-5902
2023-11-07 04:24:32
cvelist
cvelist
CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
2023-11-01 00:00:41
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
17.0%
Related for 8B93C7BF-5052-424A-85CC-7E5491C61F20