It was a quiet Sunday evening, one of those days when you tell yourself, “Just one quick recon session before bed.” But as every bug hunter knows, quick often turns into hours when curiosity strikes.
This is a story of how that curiosity led me to discover a CSRF vulnerability hiding in plain sight — one that could have allowed attackers to manipulate user accounts silently. In this write-up, I’ll guide you through the discovery, exploitation, and prevention of this flaw. So buckle up.
Cross-Site Request Forgery (CSRF) is a type of web vulnerability that tricks authenticated users into performing actions they didn’t intend — without their knowledge. Imagine being logged into your banking site, visiting a malicious website, and unknowingly triggering a funds transfer — all because proper CSRF protections weren’t in place.
Modern frameworks usually ship CSRF defenses (synchronizer tokens, SameSite cookies, Origin checks), but they only help where they are actually applied. Developers sometimes exempt a route, build a new endpoint outside the framework's protected path, or rely on the session cookie alone to authenticate a state-changing request. An unprotected endpoint that modifies account state is exactly the gap a CSRF hunter looks for.
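To make the gap concrete, here is an added illustration (not code from the target platform or from this write-up): a state-changing "change email" handler that trusts the session cookie alone, next to the same handler hardened with an Origin/Referer check and a per-session synchronizer token. The application origin, the in-memory session store and the request shape are assumptions for the example; a real deployment would use the framework's session and token machinery.

```python
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import urlsplit

# Hypothetical application origin; only requests that prove they came
# from a page on this origin may change account state.
APP_ORIGIN = "https://app.example"


@dataclass
class Request:
    """Minimal stand-in for an incoming HTTP request (constructed for the example)."""
    method: str
    headers: dict
    cookies: dict
    form: dict


# Constructed server-side session store, keyed by the session cookie value.
SESSIONS = {}


def start_session():
    """Create a logged-in session with a fresh per-session CSRF token."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {
        "csrf_token": secrets.token_urlsafe(32),
        "email": "victim@example.com",
    }
    return sid


def vulnerable_change_email(req):
    """The flaw: the browser attaches the cookie automatically, so any origin
    that can make the victim's browser POST here changes the email."""
    session = SESSIONS.get(req.cookies.get("sid"))
    if session is None:
        return 401
    session["email"] = req.form["email"]
    return 200


def request_origin(req):
    """Derive the requesting origin from Origin, falling back to Referer.
    Returns None when neither is present so the caller fails closed."""
    origin = req.headers.get("Origin")
    if origin is not None:
        return origin  # may be the literal "null", which will not match APP_ORIGIN
    referer = req.headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        return f"{parts.scheme}://{parts.netloc}"
    return None


def csrf_protected_change_email(req):
    """Hardened handler: same logic, plus two independent CSRF checks."""
    session = SESSIONS.get(req.cookies.get("sid"))
    if session is None:
        return 401
    # Check 1: the request must originate from our own pages.
    if request_origin(req) != APP_ORIGIN:
        return 403
    # Check 2: the form must carry the token bound to this session. A cross-site
    # page cannot read it, and the constant-time compare avoids timing leaks.
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token, session["csrf_token"]):
        return 403
    session["email"] = req.form["email"]
    return 200


def run_scenarios(handler):
    """Replay the same constructed requests against one handler; return status per case."""
    sid = start_session()
    cookies = {"sid": sid}  # the browser sends this on every request, cross-site included
    token = SESSIONS[sid]["csrf_token"]
    scenarios = {
        # Legitimate submission from the app's own settings page.
        "same_origin_with_token": Request(
            "POST", {"Origin": APP_ORIGIN}, cookies,
            {"email": "new@example.com", "csrf_token": token}),
        # Auto-submitted form on an attacker page; the token is unknown to it.
        "cross_site_no_token": Request(
            "POST", {"Origin": "https://evil.example"}, cookies,
            {"email": "attacker@evil.example"}),
        # Right origin but token omitted: the token check must still hold on its own.
        "same_origin_no_token": Request(
            "POST", {"Referer": APP_ORIGIN + "/settings"}, cookies,
            {"email": "other@example.com"}),
    }
    return {name: handler(req) for name, req in scenarios.items()}


if __name__ == "__main__":
    print("vulnerable:", run_scenarios(vulnerable_change_email))
    print("protected: ", run_scenarios(csrf_protected_change_email))
```

The vulnerable handler returns 200 for all three requests, including the cross-site one; the hardened handler accepts only the same-origin request that carries the session's token. Two points worth keeping in mind when reviewing real code: the origin check fails closed when both headers are absent (some privacy tooling strips Referer, so the token remains the primary control), and marking the session cookie `SameSite=Lax` or `Strict` adds a third, browser-enforced layer for the common top-level form POST.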
The target was a mid-sized SaaS platform I often monitor for bug bounty programs. Their main application seemed pretty locked down: secure cookies, strict CORS, modern libraries — all…