|
You are here |
mathieu.fenniak.net | ||
| | | | |
bogs.io
|
|
| | | | | CSRF stands for Cross-Site Request Forgery and is one of the most "popular" web application vulnerabilities | |
| | | | |
introvertmac.wordpress.com
|
|
| | | | | What is CSRF "Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts." - Wikipedia CSRF is at 8th position in OWASP... | |
| | | | |
www.vlent.nl
|
|
| | | | | [AI summary] The article explains that Django's Cross-site request forgery (CSRF) protection relies on a 'Double Submit Cookie' mechanism requiring both a cookie and a form parameter, and demonstrates how the validation works and why it prevents malicious requests. | |
| | | | |
www.thezdi.com
|
|
| | | [AI summary] This blog post discusses two critical vulnerabilities in the Logsign Unified SecOps Platform, CVE-2024-5716 (authentication bypass) and CVE-2024-5717 (command injection), which can be combined for remote, unauthenticated code execution. | ||