chshcms / mccms

漫城CMS (mccms) is a content management system for comics and novels, built on the CI framework
Apache License 2.0
51 stars 13 forks

Under v2.6.3, your project has a CSRF vulnerability #3

Open NHotthat opened 1 year ago

NHotthat commented 1 year ago

There are CSRF vulnerabilities in the website. The front desk can modify user information, and the background can add administrator accounts, modify the balance held by users, modify the website configuration and perform other dangerous operations. It is recommended to add a CSRF token or verify the referer to defend against this.

chshcms commented 1 year ago

Thanks, this has been fixed.
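
The two defenses recommended in the report (a CSRF token and a referer check), combined in one guard for state-changing requests. This is an added example, not code from mccms or its fix; the function names, the `csrf_token` session key and the host `cms.example.test` are assumptions made for illustration.

```php
<?php
// Added illustration, not mccms code: function names and the 'csrf_token' key are hypothetical.

// Issue one random token per session; emit it as a hidden field in every state-changing form.
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Compare the submitted token with the session copy in constant time.
function csrf_token_valid(array $session, $submitted): bool
{
    return is_string($submitted)
        && !empty($session['csrf_token'])
        && hash_equals($session['csrf_token'], $submitted);
}

// Origin/Referer check on the parsed host only (scheme and port are not compared).
// An exact match is required: a substring test would accept look-alike hosts.
function request_is_same_origin(array $server, string $expectedHost): bool
{
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? '';
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// Gate for actions such as editing a profile, adding an administrator or changing a balance.
function guard_state_change(array $session, array $server, array $post, string $expectedHost): bool
{
    return ($server['REQUEST_METHOD'] ?? '') === 'POST'
        && request_is_same_origin($server, $expectedHost)
        && csrf_token_valid($session, $post['csrf_token'] ?? null);
}

// Constructed sample requests: a cross-site POST without a token, then a same-site form post.
$session = [];
$token = csrf_issue_token($session);
$crossSite = ['REQUEST_METHOD' => 'POST', 'HTTP_REFERER' => 'https://cms.example.test.other-site.invalid/p'];
$sameSite  = ['REQUEST_METHOD' => 'POST', 'HTTP_ORIGIN' => 'https://cms.example.test'];
var_dump(guard_state_change($session, $crossSite, [], 'cms.example.test'));
var_dump(guard_state_change($session, $sameSite, ['csrf_token' => $token], 'cms.example.test'));
```

In an application the arrays would be `$_SESSION`, `$_SERVER` and `$_POST`; requests that omit both headers are rejected by this guard, which is the stricter choice for administrative endpoints.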