=(L_L)=

CVE-2021-47754 EXPLOITDB MEDIUM html WORKING POC

Arunna 1.0.0 - Cross-Site Request Forgery via Profile Settings Form

Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to manipulate user profile settings without authentication. Attackers can craft a malicious form to change user details, including passwords, email, and administrative privileges by tricking authenticated users into submitting the form.

CVSS 6.5

View Code