Y
Hacker News
new
|
ask
|
show
|
jobs
by
memoryfault
4620 days ago
I disagree with that. It's a get request that is changing state server-side. That is a dead giveaway for a CSRF vulnerability.