CXSecurity WLB-2015040034 6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Web Security Vulnerabilities Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest Update: April 02, 2015 Vulnerability Type: Cross-Site Request Forgery (CSRF) [CWE-352] CVE Reference: […]
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user’s browser.
SINGAPORE: Call them cybersecurity vigilantes if you will, or “white hats” – as they are known in the hacking world. Mr Wang Jing and Mr Zhao Hainan are part of a growing group of individuals who are taking it upon themselves to test the security of information systems in organisations and report security flaws. Earlier […]
GetPocket getpocket.com CSRF (Cross-Site Request Forgery ) Web Security Vulnerability Domain: getpocket.com “Pocket was founded in 2007 by Nate Weiner to help people save interesting articles, videos and more from the web for later enjoyment. Once saved to Pocket, the list of content is visible on any device — phone, tablet or computer. […]