The B-List is the personal weblog of James Bennett, a web developer in Lawrence, Kansas.

Links published on April 21, 2008

1 link published on this date. See also: all links published in April 2008, latest links.

CSRF pwns your box?!?!

I think this may be the first PURE CSRF vulnerability that I’ve seen that resulted in compromise of a victims machine

Ouch.

If you’re using Django, by the way, you really have no excuse if you get caught by a CSRF attack.

Planet Websecurity

Visit site or read comments.

← Links published on April 16, 2008 Links published on May 4, 2008 →

Copyright © 2006-2012 James Bennett. All rights reserved. Opinions expressed here are solely those of the author(s).