Security News > 2024 > August > Georgia's voter portal gets a crash course in client versus backend input validation

Georgia's voter portal gets a crash course in client versus backend input validation
2024-08-07 04:05

The US state of Georgia has a website for cancelling voter registration, and it's had a bumpy start.

In theory, it's supposed to make elections in the Peach State more secure and less susceptible to voter fraud, which is a sensitive topic in Georgia since the 2020 Presidential election.

The website's cancellation form asks for all those details plus a driver's license or state ID number, or the last four digits of your social security number.

"No incomplete application moved forward," a spokesperson for the Secretary of State Office told The Register.

Georgia has blocked multiple attempts to cancel the voter registrations of House Representative Marjorie Taylor Greene and Secretary of State Brad Raffensperger.

For about an hour after launch on July 29, the website would a little too eagerly offer up sensitive information - voters' driver's license or state ID numbers, or the last four digits of their social security numbers - according to the Georgia Recorder.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/08/07/security_flaw_and_data_leak/