Today I want to talk about one of my findings in a private program at Hacker-One platform, which refers to it as target.com. Following some reconnaissance and effort, I found target.com, I create an…

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

Cross-Site Request Forgery is an attack that forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. There should be no protection in place to track users’ requests or any kind of protection like asking secret questions for an update.

Easy CSRF bypass

I thought of several ways to bypass the protection.

How to Prevent CSRF vulnerability[protection]:

<p>Expected a regular short description of CSRF, but this article was actually extensive and well written :)</p>
