The vulnerability occurs in http://localhost/www/index.php?m=member&v=pw_reset
This is the interface of a common member to reset the password
The interface does not have CSRF protection, which causes ordinary members to change the login password without knowing their members when they open the Poc page.
The vulnerability occurs in

http://localhost/www/index.php?m=member&v=pw_resetThis is the interface of a common member to reset the password
The interface does not have CSRF protection, which causes ordinary members to change the login password without knowing their members when they open the Poc page.
poc:
The text was updated successfully, but these errors were encountered: