Cross-site Request Forgery (CSRF)
Overview ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the /session/verify component. An attacker can gain unauthorized access to user sessions by exploiting incomplete protections, potentially allowing takeover of site...