1. CSRF Vulnerability in GodObjectProfile Allows State Mutation via GET Requests on .NET 8 MVC App
A critical Cross-Site Request Forgery vulnerability has been identified in the GodObjectProfile component of a .NET 8 MVC application, allowing state-mutating operations to be triggered through GET requests. The flaw, documented in a GitHub issue, exposes user profile data to unauthorized modification without requiring...