Kagi CSRF Vulnerability Demonstration

💰 Credit Drain Attacks

These will consume your Kagi search credits:

Execute Search Query Execute Image Search Execute Video Search Execute News Search Execute Podcast Search

🔐 Account Management Attacks

These will modify your account settings:

Generate New API Token (Invalidates old ones) Disable Current API Token

🚪 Session Attacks

These will affect your current session:

Force Logout