Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
CSRF vulnerability that can be used to modify administrator accounts to get system privileges. #4
When any administrator login, open it, and the password is modified to 123456. If it is a simple username, such as admin, root, etc. You can get system privileges.
exp.html:<script>history.pushState('', '', '/')</script>