GET based CSRF to make other users to follow/unfollw the attacker(me)/other users by sending a link https://www.bugheist.com/follow/<USER>/. Proof Of Concept: httpshttps://www.bugheist.com/follow/Anon1337/ 270

Domain: http://www.bugheist.com

Tweet

Reported on www.bugheist.com

Total # of issues reported = 183

Reported by febinrev

Total Points of febinrev = 320

Browser Version: 68.0

Operating System: Linux

OS Version:

Bug Type: Security

Status: open

Added on: Aug. 28, 2020, 3:50 p.m.

Description

Screenshots:

OCR Results:

OCR not installed

Comments:

No comment added yet. Be the first to comment!