bug-bounty504
google358
xss310
microsoft301
facebook265
rce221
exploit213
malware168
apple164
cve142
account-takeover116
bragging-post102
privilege-escalation98
csrf92
phishing86
browser80
writeup78
supply-chain69
authentication-bypass69
dos68
stored-xss65
ssrf57
reflected-xss57
reverse-engineering55
react54
access-control52
aws49
input-validation49
cross-site-scripting48
docker47
cloudflare47
lfi47
web-security46
node46
ctf45
sql-injection45
smart-contract45
ethereum44
web-application44
web343
defi43
oauth43
race-condition40
open-source39
auth-bypass39
pentest39
cloud38
idor37
burp-suite36
info-disclosure36
0
6/10
The author demonstrates a JSON CSRF vulnerability exploitation technique that bypasses anti-CSRF token validation and origin checks by leveraging HTTP method override functionality. The attack chain involves removing the X-Auth-Token header, converting a PUT request to POST via method override, and crafting a cross-origin AJAX request with a JSON body.