Back to directory

WRITEUP #4770

How a Simple CSRF Attack Turned into a P1 Level Bug

CSRFAccount takeover

by@bejuveria_(Lady Secspeare)

Program

-

Published

Apr 5, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://ladysecspeare.wordpress.com/2020/04/05/how-a-simple-csrf-attack-turned-into-a-p1-level-bug/

▸ RELATED WRITEUPS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat