How to find valid and impactful CSRFs

Hi, I am Febin, a security researcher. This is my first post on the OBB blog, which is about the mighty CSRF attack. IMPACT OF CSRF: In a successful CSRF attack, the attacker causes the victim user to carry out an action unintentionally. For example, this might be to change the email address on…

Reporting CSRF via Openbugbounty

The website is vulnerable to CSRF because there is no use of Anti-CSRF tokens in the website, but the main focus of this post is how to submit a proper CSRF report via OBB. In the beginning, OBB couldn’t reproduce my CSRF reports and they all went to the rejected section, which is why I am making this post. This is not only for bounties: you’ll also get an idea of the important things to keep in mind when making a detailed CSRF report.