Description: CSRF (Cross-site request forgery) Vulnerability discovered in Gleez CMS v1.2.0 when I penetrate testing a couple of vulnerabilities in Demo website: https://demo.gleezcms.org.
POC:
Log in as a user or admin
Add new page or blog
Intercept POST request when a normal user or admin submitting a new page or blog,
Description:
CSRF (Cross-site request forgery) Vulnerability discovered in Gleez CMS v1.2.0 when I penetrate testing a couple of vulnerabilities in Demo website: https://demo.gleezcms.org.
POC:
Log in as a user or admin
Add new page or blog

Intercept POST request when a normal user or admin submitting a new page or blog,

Launch a CSRF attack

Exec code:

Snippet is here:
https://github.com/levoncf/Path_of_CVE/blob/master/CSRF_POC.html
The text was updated successfully, but these errors were encountered: