TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torrentflux project torrentflux 2.4 |