Cross site request forgery #750
Vulnerable link: https://demo.bagisto.com/bagisto-103-206-131-18/admin/
What is CSRF?
Task: To remove items from the table without the account owner's consent.
How to reproduce the attack?
Malicious page containing evil script to edit list:
1.2) Deleting review on admin panel:
Impacts of vulnerability:
Prevention Cheat sheet for developers: