CSRF на загрузку изображения Pandao
This issue took 0 Days and 1 hours to triage and 3 Days and 18 hours to resolve once triaged.
Discovered by xalerafera on Mailru
CSRF vulnerability in avatar upload AJAX method for pandao.ru
Pandao.ru is not currently covered by main bug bounty and general CSRF/XSS vulnerabilities are accepted without bounty.