GitLab has resolved a raft of vulnerabilities – including two high-impact web security flaws – with an update to its software development platform. A cross-site request forgery (CSRF)...
Endpoints using GraphQL may be at risk of exploitation due to failures to mitigate cross-site request forgery (CSRF) attack vectors, researchers warn. On May 20, Doyensec...
UPDATED Users of NextGEN Gallery, the image management plugin for WordPress, have been urged to update their websites after the discovery of serious cross-site request forgery (CSRF) vulnerabilities. The...
The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. NextGen Gallery, a WordPress plugin used for creating...
A security researcher has earned a $3,000 bug bounty by achieving site-wide cross-site request forgery (CSRF) on job-hunting website Glassdoor. By exploiting the vulnerability, attackers could take control of...
Google has announced more changes to the way Chrome handles same-site cookie requests, the browser developers have announced. The world’s most popular web browser started blocking...
Recent Comments