🟢CSRF

Grammarly disclosed on HackerOne: Lack of CSRF header validation at...HackerOne

Logitech disclosed on HackerOne: One Click Account takeover using...HackerOne

U.S. Dept Of Defense disclosed on HackerOne: Account takeover...HackerOne

Reddit disclosed on HackerOne: CSRF (protection bypassed) to force...HackerOne

https://hackerone.com/reports/1066189hackerone.com

Gratipay disclosed on HackerOne: CSRF csrftoken in cookiesHackerOne

drchrono disclosed on HackerOne: CSRF Add Album On onpatient.comHackerOne

Coinbase disclosed on HackerOne: CSRF bug on password changeHackerOne

https://blog.witcoat.com/2020/12/03/site-wide-csrf-on-glassdoor/blog.witcoat.com