I would like to share with you a CSRF vulnerability which I found on the Heroku site.
An attacker was able to change the user name and e-mail ID.

PoC video:
On 26th Jul, they fixed this vulnerability.
