Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
There is a CSRF vulnerability that can add the administrator account #800
Thank you for pointing the vulnerability. Could you apply a fix?…
On 10-Aug-2018, at 3:44 PM, Vict00r ***@***.***> wrote: After the administrator logged in, open the following page to add an administrator. poc： <script>history.pushState('', '', '/')</script> — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.