This repository has been archived by the owner on Jul 21, 2022. It is now read-only.
A CSRF vulnerability was discovered in baijiacmsV4.
Vulnerability description
A CSRF vulnerability was discovered in baijiacmsV4.
There is a CSRF vulnerability. After the administrator has logged in and opens the following two pages, an attacker can modify the store information and login password.
1. Modify the store information.
PoC:
Original store information
When a logged-in administrator opens a malicious web page and clicks the button,
the store information is changed.
2. Modify the login password.
PoC:
When a logged-in administrator opens a malicious web page and clicks the button,
the login password of the administrator will be 111111.
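A server-side check that would reject both forged requests described above, as an added example that is not part of the original report and not baijiacms code. The function names, the `csrf_token`, `current_password` and `new_password` fields, and the session layout are assumptions; the demo values are constructed.

```php
<?php
// Added example, not baijiacms code. Handler and field names are hypothetical.
declare(strict_types=1);

// Issue one random token per admin session; every admin form embeds it as a hidden field.
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// A state-changing request is accepted only as a POST that carries the session's token.
function csrf_check(array $session, string $method, array $post): bool
{
    if ($method !== 'POST') {
        return false;
    }
    $sent = $post['csrf_token'] ?? '';
    $expected = $session['csrf_token'] ?? '';
    // is_string() guards against array-valued form fields; hash_equals() is constant-time.
    return is_string($sent) && $expected !== '' && hash_equals($expected, $sent);
}

// Password change also requires the current password, which a cross-site page cannot know.
// Returns the new password hash, or null when the request is rejected.
function change_password(array $session, string $method, array $post, string $storedHash): ?string
{
    if (!csrf_check($session, $method, $post)) {
        return null;
    }
    if (!password_verify((string)($post['current_password'] ?? ''), $storedHash)) {
        return null;
    }
    return password_hash((string)($post['new_password'] ?? ''), PASSWORD_DEFAULT);
}

// Constructed demo: a tokenless cross-site request versus a request from the real admin form.
$session = [];
$token   = csrf_token($session);
$stored  = password_hash('old-secret', PASSWORD_DEFAULT);
$forged  = ['new_password' => '111111'];
$legit   = ['csrf_token' => $token, 'current_password' => 'old-secret',
            'new_password' => 'a-long-new-passphrase'];

var_dump(change_password($session, 'POST', $forged, $stored) === null);
var_dump(change_password($session, 'POST', $legit, $stored) !== null);
```

The same `csrf_check()` gate applies to the store-information update; setting the session cookie with `SameSite=Lax` or `Strict` adds a second layer but does not replace the token.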