1 posts tagged with forgery.
Displaying 1 through 1 of 1. Subscribe:
Is MeFi protected against cross-site request forgery?
Is MeFi protected against CSRF? I know the logout link isn't (should be a form button anyway) and could be triggered by displaying an image to a MeFi user, but if the forms are vulnerable things could get nasty (imagine someone posting a link that changes your prefs, or makes you create a post, etc.). Just askin'...
Page:
1