ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2024-12-18 10:26:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: remove 1 line on OSRF

Browse Source
This commit is contained in:
Muhammad Daffa 2023-05-29 18:30:11 +07:00
parent 795bd8c2e6
commit 0a16c9d981
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
On Site Request Forgery.md
View File

@ -13,8 +13,7 @@ You can detect On-Site Request Forgery (OSRF) everywhere but there are 2 things
<audio src="OUR_INPUT_HERE">
<iframe src="OUR_INPUT_HERE">
```
- We can control the filename (there are several requirements that must be met)
- There is a sensitive endpoint that using the GET method
- There is a sensitive endpoint that using the GET method
```
GET /settings.php?remove_account=1