I would like to share with you CSRF Vulnerability which I found in Heroku site.
Attacker able to change user name and e-mail id.
POC Video :
On 26th Jul, They fixed this vulnerability .
I would like to share with you CSRF Vulnerability which I found in Heroku site.
Attacker able to change user name and e-mail id.
POC Video :