Weblate: CSRF - Changing the full name / adding a secondary email identity of an account via a GET request
SUMMARY ---------- Hello, I have found a CSRF request via the activation email that will change the full name of the targeted account. This vulnerability exists if the attacker registers a new account and then gives his activation link to someone else. If the victim uses the received activation...