I posted this yesterday with perhaps an uninforming title.<p>If you agree that this is a serious vulnerability, please tweet at @actblue and e-mail them at info@actblue.com.<p>Here's the introduction.
ActBlue is a non-profit that organizes fundraising efforts for Democratic causes; so far they have facilitated over a billion dollars in donations. This page details a security vulnerability in the ActBlue donation system.<p>tl;dr This vulnerability affects over three million individuals who have donated to a Democratic cause using ActBlue Express Lane. Specifically, the ActBlue donation system can be exploited to appropriate false donations towards either the Hillary Clinton or Bernie Sanders campaigns. Using cross-site request forgery, previous donors can be tricked into donating to other Democratic candidates or causes.