Add a token to the request address and verify it (the token is not placed in the cookie but in the HTTP request parameter, and the server verifies it).
3 Add the token to the HTTP header attribute to prevent the token from appearing in the browser and being leaked.
There is a CSRF vulnerability in your CMS
Log in as an admin. Inducing the admin to click on the link successfully adds an administrator.
POC
FIX :
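An added example, not part of the original issue or the CMS's code: a server-side check for the header-based token fix listed in the issue, with the token bound to the admin's session so that a request carrying only the session cookie is rejected. The header name `X-CSRF-Token`, the function names and the session IDs are assumptions.

```python
import hashlib
import hmac
import secrets

SECRET_KEY = secrets.token_bytes(32)    # per-deployment secret (assumed)
HEADER = "x-csrf-token"                 # assumed header name, compared lowercased
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def _mac(session_id: str, nonce: str) -> str:
    """HMAC that ties a random nonce to one session."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Token handed to the page after login and sent back in a request header."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, mac = token.partition(".")
    if not sep or not nonce or not mac:
        return False
    # Compare as bytes so non-ASCII input cannot raise inside compare_digest.
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())


def check_request(method: str, session_id: str, headers: dict) -> int:
    """Return 200 to let the handler run, 403 to reject the request."""
    if method.upper() in SAFE_METHODS:
        return 200                      # safe methods must not change state
    normalized = {k.lower(): v for k, v in headers.items()}
    token = normalized.get(HEADER, "")
    return 200 if token_is_valid(session_id, token) else 403


if __name__ == "__main__":
    # Constructed sample: session IDs are made up for the demonstration.
    tok = issue_token("sess-admin")
    print(check_request("POST", "sess-admin", {"X-CSRF-Token": tok}))  # same-site request
    print(check_request("POST", "sess-admin", {}))                     # cookie only, no header
```

A cross-site form or link can make the browser send the session cookie, but it cannot attach this custom header, so the state-changing request fails the check.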