Skip to content

It doesn't work; wrong use of python dictionary #2

Open
Open
It doesn't work; wrong use of python dictionary#2
@h4sh5

Description

@h4sh5
h4sh5
opened on Jan 13, 2024

Use of python dictionary here

CVE-2023-7028/CVE-2023-7028.py

Line 28 in c141972

paramsPost = {"user%5Bemail%5D":victim,"user%5Bemail%5D":attacker,"authenticity_token":token}
means only the attacker's email get sent; the exploit doesn't work.

Python dicts deduplicate keys automatically

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions