Vulnerability : Cross-Site Request Forgery (CSRF)

Domain : https://www.mygvcloud.com

Impact : Account Takeover

Timeline :
Sep 17,2020 - Report Sent
Sep 21,2020 - Vulnerability Fixed
Sep 22,2020 - Thanks received from GeoVision Security Team

Environment :
OS : Windows 10 Pro
Browser : Firefox
Version : 80.0.1 ( 64-bit )

Researcher Name : Nayanjyoti Roy

Proof-Of-Concept video :