EIP-2026-109484

This is a functional CSRF PoC for miniblog 1.0.1 that demonstrates how an attacker can trick an admin into submitting a malicious POST request to add a new post containing a JavaScript payload. The payload redirects the admin's session to an attacker-controlled site to steal cookies.