Zeddit's upvote endpoint has no CSRF token and no Origin check. The mod bot visits submitted report URLs with a privileged session. Make the mod vote for you.
