writeups.xyz / Bypassing SameSite=lax cookie restrictions to preform CSRF resulting to a horizontal privilege escalation via poor email verification mechanism

Submitter : c2a

Date: 13 February 2023

Bounty : undisclosed

Vulnerabilities :

• CSRF

Programs :

• Undisclosed

Authors :

• Imad Husanovic (@Deadoverflow_)

Link :
https://medium.com/@deadoverflow/bypassing-samesite-lax-cookie-restrictions-to-preform-csrf-resulting-to-a-horizontal-privilege-1dfc8fb17b0a