HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #115
From team Janet Reno Redemption Fund$
New advisory by : adc
Affected service(s): ultrashare
Severity [lmh] : medium
===== Problem =====
There exists a CSRF vulnerability in ultrashare .
===== Impact =====
Users logged in may be coerced by a third-party website
into performing actions with their privileges.
===== Fix =====
Add unique url mapping based on the user's session.
Rating
[0] Not enough information. Maybe dup.