Subscribe via feed.

WebCalendar 1.2.7 CSRF Bypass

Posted by deepcore on July 6, 2016 – 2:02 am

WebCalendar version 1.2.7 attempts to uses the HTTP Referer to check that requests are originating from same server. However, this can be easily defeated by just not sending a referer.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.