Sarahah, a ‘compliments’ app (think ask.fm) popular with teenagers, is reportedly rife with security issues, according to a UK researcher. The issues pertain to the web version of the Sarahah service, and not the mobile application. Scott Helme, the researcher who took a pop at the site, described Sarahah’s CSRF (cross-site request forgery) protections as “fairly trivial to bypass.” CSRF is a highly dangerous form of attack, in which a bad actor could perform actions on the account of someone already logged in to the service. In this instance, Helme pointed out that an attacker could exploit this in…
This story continues at The Next Web
from The Next Web http://ift.tt/2yHYyuE