Security News

PayPal Fixes CSRF Vulnerability in PayPal.me (Threatpost)
2016-07-22 17:33

PayPal recently fixed a vulnerability on its PayPal.me site that could've let an attacker change a user's profile without their permission.

ARRIS SURFboard Modems Plagued by CSRF Flaw (SecurityWeek)
2016-04-11 18:16

quot;Breaking CSRF: ASP.NET MVCquot; (Appsec Streetfighter Blog)
2016-02-22 01:10

Finding a CSRF vulnerability in phpBB (Reddit)
2016-01-26 22:42

Magento Update Addresses XSS, CSRF Vulnerabilities (Threatpost)
2016-01-25 21:31

Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Chrome extension for CSRF testing. (Reddit)
2016-01-19 10:11

CSRF Flaw Patched in Popular Spring Social Core Library (Threatpost)
2015-11-13 16:08

Spring Social, a popular Java library used for social authentication, patched a risky cross-site request forgery vulnerability.

CSRF Blocker - block CSRF-attacks the right way (Reddit)
2015-11-09 17:20

Exploiting CSRF against search with Lucene (Reddit)
2015-09-14 10:50

quot;Breaking CSRF: Spring Security and Thymeleafquot; (Appsec Streetfighter Blog)
2015-09-03 15:53