mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 10:14:49 +02:00
0xMarcio
776 B
776 B
CVE-2017-7178
Description
CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin.