Mars: CSRF to delete a pet
The /kisallataim/ANIMALID/delete API endpoint at myroyalcanin.hu was found to be vulnerable to Cross-Site Request Forgery CSRF attacks. This vulnerability could have been exploited to delete a user's pet from their account without their knowledge or consent...