1. Critical CSRF Vulnerability in GodObjectProfile Exposes Application to Unauthorized State Mutations via GET Requests
A critical cross-site request forgery (CSRF) vulnerability has been identified in the GodObjectProfile component of the application. The flaw stems from state-mutating operations being executed through GET query parameters rather than properly secured POST requests. Attackers can exploit this by embedding malicious URL...
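The pattern described above, shown as an added example (not code from the application or its GodObjectProfile component): a hypothetical profile handler that applies query parameters on any method, beside a version that keeps GET read-only and accepts changes only via POST with a per-session CSRF token. All handler names, fields and addresses are assumptions constructed for illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

# Hypothetical session and in-memory profile store; every name here is an assumption.
def new_session(user):
    return {"user": user, "csrf_token": secrets.token_urlsafe(32)}

def profile_vulnerable(method, url, body, session, store):
    """Pattern from the text: the update runs from query parameters on any method."""
    params = parse_qs(urlsplit(url).query)
    if "email" in params:
        store[session["user"]]["email"] = params["email"][0]
    return 200

def profile_hardened(method, url, body, session, store):
    """State changes only via POST body, and only with the session's CSRF token."""
    if method != "POST":
        # GET/HEAD stay read-only: query parameters are never applied to state.
        return 200 if method in ("GET", "HEAD") else 405
    form = parse_qs(body)
    sent = form.get("csrf_token", [""])[0]
    # Constant-time comparison against the token bound to this session.
    if not hmac.compare_digest(sent.encode(), session["csrf_token"].encode()):
        return 403
    if "email" in form:
        store[session["user"]]["email"] = form["email"][0]
    return 200

def demo():
    """Run constructed requests through both handlers; return (status, stored email)."""
    session = new_session("alice")
    results = {}
    # Constructed request: GET carrying a mutating query string and no token.
    get_req = ("GET", "/profile?email=changed@example.test", "")
    for name, handler in (("vulnerable", profile_vulnerable),
                          ("hardened", profile_hardened)):
        store = {"alice": {"email": "alice@example.test"}}
        results[name] = (handler(*get_req, session, store), store["alice"]["email"])
    store = {"alice": {"email": "alice@example.test"}}
    status = profile_hardened("POST", "/profile", "email=x@example.test", session, store)
    results["post_no_token"] = (status, store["alice"]["email"])
    body = "email=new@example.test&csrf_token=" + session["csrf_token"]
    status = profile_hardened("POST", "/profile", body, session, store)
    results["post_with_token"] = (status, store["alice"]["email"])
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```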