EUVD-2021-2407

Malware in sbrugna...

Cross-Site Request Forgery allowing sending of test emails and generation of node auto-deployment keys

Impact Due to improperly configured CSRF protections on two routes, a malicious user could execute a CSRF-based attack against the following endpoints: Sending a test email. Generating a node auto-deployment token. At no point would any data be exposed to the malicious user, this would simply...

CVE-2021-41273

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Due to improperly configured CSRF protections on two routes, a malicious user could execute a CSRF-based attack against the following endpoints: Sending a test email and Generating a node auto-deployment...

Cross site request forgery (csrf)

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Due to improperly configured CSRF protections on two routes, a malicious user could execute a CSRF-based attack against the following endpoints: Sending a test email and Generating a node auto-deployment...