Cross-Site Request Forgery (CSRF)

github.com/1panel-dev/1panel is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to missing CSRF protections such as anti-CSRF tokens or Origin/Referer validation, which allows an attacker to craft a malicious webpage that triggers unauthorized panel name changes when a...

1Panel 跨站请求伪造漏洞

1Panel is an open source Linux server operation and maintenance management panel from China's 1Panel community. A cross-site request forgery vulnerability exists in 1Panel versions 110.33 through 2.0.15, which stems from a lack of CSRF protection implemented in the panel name management feature,...