Vulnerability description
A CSRF vulnerability was discovered in baijiacmsV4.
There is a CSRF attack vulnerability. After the administrator has logged in and opens the following two pages, an attacker can modify the store information and login password.
1. Modify the store information.
PoC:
Original store information



When a logged-in administrator opens a malicious web page and clicks the button.
And the store information has changed.
2. Modify login password.
PoC:
When a logged-in administrator opens a malicious web page and clicks the button.

And the login password of the administrator will be 111111.
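
A mitigation sketch for the two state-changing admin actions reported above, added here as an example; it is not part of the original issue and not baijiacms code. The function names, the `csrf_token` and `current_password` field names, and the sample data are hypothetical, and the current-password check is an extra hardening step this example assumes on top of the token check.

```php
<?php
declare(strict_types=1);
// Added example: hypothetical helpers, not baijiacms code.

/** Create (once per session) and return the anti-CSRF token embedded in admin forms. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/** True only when a state-changing request carries the session's own token. */
function csrf_request_ok(array $session, string $method, array $post): bool
{
    if ($method !== 'POST') {
        return false; // state changes are never accepted over GET
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($supplied) && $expected !== ''
        && hash_equals($expected, $supplied); // constant-time comparison
}

/** A password change also needs the current password, which a forged request cannot supply. */
function may_change_password(array $session, string $method, array $post, string $storedHash): bool
{
    return csrf_request_ok($session, $method, $post)
        && is_string($post['current_password'] ?? null)
        && password_verify($post['current_password'], $storedHash);
}

// Constructed demonstration data.
$session = [];
$token   = csrf_token($session);
$hash    = password_hash('old-secret', PASSWORD_DEFAULT);

// Cross-site submission: the browser attaches the session cookie,
// but the foreign page cannot read the token or know the current password.
$forged  = ['new_password' => '111111'];
// Submission from the genuine admin form.
$genuine = ['new_password' => 'n3w-long-passphrase', 'csrf_token' => $token,
            'current_password' => 'old-secret'];

var_dump(may_change_password($session, 'POST', $forged, $hash));
var_dump(may_change_password($session, 'POST', $genuine, $hash));
```

The store-information handler would call `csrf_request_ok()` alone before writing anything. Setting the session cookie's `SameSite` attribute to `Lax` or `Strict` is a complementary control, not a replacement for the token.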