Account takeover just through csrf in https://booking.qiwi.kz/profile https://hackerone.com/reports/1066189 Severity: Medium | 100 USD Reported To: QIWI Reported By: #sniper302 State: Resolved Disclosed: May 20, 2021, 1:53pm (UTC) 130 views13:56