CVE-2024-39326 SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill

SkillTree is a micro-learning gamification platform. Prior to version 2.12.6, the endpoint /admin/projects/projectname/skills/skillname/video and probably others is open to a cross-site request forgery CSRF vulnerability. Due to the endpoint being CSRFable e.g POST request, supports a content typ...