CVE-2020-23522_Pixelimity_1.0_跨站請求偽造漏洞

棉花糖

2021年7月15日发布

040

# CVE-2020-23522 Pixelimity 1.0 跨站請求偽造漏洞

# Exploit Title: Pixelimity 1.0 - 'password' Cross-Site Request Forgery
# Date: 2020-06-03
# Exploit Author: Noth
# Vendor Homepage: https://github.com/pixelimity/pixelimity
# Software Link: https://github.com/pixelimity/pixelimity
# Version: v1.0
# CVE : 2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.

PoC :

文章版权归作者所有，未经允许请勿转载。

THE END