I would like to share with you a CSRF vulnerability which I found on the Heroku site.
An attacker is able to change the user name and e-mail ID.

POC Video:

On 26th Jul, they fixed this vulnerability.
