all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Topic: csrf

Follow topic RSS
CSRF Takedown: Defeating Web Exploits with Code 3 days, 18 hours ago | infosecwriteups.com
code csrf cybersecurity exploitation +4
csrf 3 days, 19 hours ago | www.reddit.com
csrf cybersecurity
[webapps] Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass 5 days, 8 hours ago | www.exploit-db.com
bypass csrf injection log +4
Nonsense, mayhem, browser security, CSRF, and CORS - Part 1 2 weeks, 2 days ago | www.reddit.com
browser browser security cors csrf +2
Ex
WordPress WoodMart Theme &lt; = 7.1.1 - Theme License Options Change via CSRF 3 weeks, 6 days ago | www.exploitalert.com
change csrf license options +2
Ex
WordPress Real Estate 7 Theme &lt; = 3.3.4 - Multiple Cross-Site Request Forgery CSRF Vulnerabilit 3 weeks, 6 days ago | www.exploitalert.com
cross-site cross-site request forgery csrf forgery +4
WordPress Plugins Security Analysis 1 month ago | infosecwriteups.com
analysis bug bounty csrf hades +6
Cross-Site Request Forgery (CSRF) Attack: What It Is, How It Works, and How to Prevent … 1 month, 2 weeks ago | www.reddit.com
attack cross-site cross-site request forgery csrf +4
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website 1 month, 2 weeks ago | infosecwriteups.com
accounts bug bounty bug-bounty-tips commerce +6
Chaining Bugs to get my First Bug Bounty 1 month, 3 weeks ago | infosecwriteups.com
account takeover bounty bug bug bounty +5
Exploiting CSRF chaining with IDOR 1 month, 3 weeks ago | infosecwriteups.com
bug bounty csrf ethical hacking exploiting +3
Understanding and Preventing CSRF AttackAbout CSRF 1 month, 3 weeks ago | infosecwriteups.com
bug bounty csrf hacking vulnerability +1
CSRF Where Token is duplicated in Cookie | 2023 1 month, 3 weeks ago | infosecwriteups.com
bug bounty cookie csrf hacking +3
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization 1 month, 3 weeks ago | packetstormsecurity.com
authorization csrf idor restaurant +2
Ex
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization 1 month, 4 weeks ago | www.exploitalert.com
authorization csrf idor restaurant +2
CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services 2 months, 1 week ago | www.securityweek.com
azure cloud security code code execution +6
Cross-site WebSocket hijacking 2 months, 1 week ago | infosecwriteups.com
bug bounty burpsuite cross-site csrf +5
CSRF leads to account takeover in Yahoo! 2 months, 2 weeks ago | infosecwriteups.com
account account takeover bug bounty csrf +4
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls 2 months, 2 weeks ago | packetstormsecurity.com
access access controls controls csrf +3
Ex
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls 2 months, 2 weeks ago | www.exploitalert.com
access access controls controls csrf +3
Strategies for effective CSRF mitigation 2 months, 3 weeks ago | www.reddit.com
csrf mitigation netsec
Ex
Wordpress Dsp Dating Csrf FIle Upload 2 months, 3 weeks ago | www.exploitalert.com
csrf dating dsp file upload +1
CVE-2018-25060 (csrf) 3 months ago | web.nvd.nist.gov
csrf cve
WordPress Vulnerability & Patch Roundup December 2022 3 months ago | blog.sucuri.net
csrf december patch vulnerability +6
Ex
PerfSONAR - v4.x &lt; = v4.4.5 - Partial Blind CSRF 4 months ago | www.exploitalert.com
csrf partial
Issue 210: CSRF vulnerability in F5, supply chain attacks, hacking APIs, GCP API security report 4 months ago | apisecurity.io
api apis api security attacks +11
Issue 209: CSRF in Plesk API-enabled server, top five API security myths, Ory Hydra authentication … 4 months, 2 weeks ago | apisecurity.io
api api security authentication csrf +5
Root RCE via CSRF (and other vulns) in F5 Big-IP devices [my original research] 4 months, 2 weeks ago | www.reddit.com
big big-ip csrf devices +6
CSRF in Plesk API enabled server takeover 4 months, 2 weeks ago | portswigger.net
api csrf server takeover
CSRF in Plesk API enabled privilege escalation 4 months, 2 weeks ago | portswigger.net
api csrf escalation privilege +1
SSA-478960 V1.0: Missing CSRF Protection in the Web Server Login Page of Industrial Controllers 4 months, 3 weeks ago | cert-portal.siemens.com
controllers csrf industrial login +6
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR [Bug Bounty Podcast] 5 months ago | www.youtube.com
bounty bug bug bounty csrf +6
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR 5 months ago | dayzerosec.com
bounty-podcast bug csrf facebook +5
CVE-2022-39287 (tiny-csrf) 5 months, 3 weeks ago | web.nvd.nist.gov
csrf cve tiny
Analysis and Remediation Guidance of CSRF Vulnerability in Csurf Express.js Middleware 6 months, 2 weeks ago | www.veracode.com
analysis csrf express guidance +3
Analysis and Remediation Guidance of CSRF Vulnerability in Csurf Express.js Middleware 6 months, 2 weeks ago | www.veracode.com
analysis csrf express guidance +3
Portswigger’s Lab write up: CSRF vulnerability with no defenses 6 months, 2 weeks ago | dev.to
csrf lab portswigger vulnerability +2
CSRF flaw in csurf NPM package aimed at protecting against the same flaws 7 months ago | portswigger.net
csrf flaw flaws npm +2
A CSRF vulnerability in the popular csurf package 7 months ago | www.reddit.com
csrf netsec package popular +1
Exploring the SameSite cookie attribute for preventing CSRF! 7 months, 4 weeks ago | www.reddit.com
cookie csrf netsec samesite
Jenkins security: Unpatched XSS, CSRF bugs included in latest plugin advisory 8 months ago | portswigger.net
advisory bugs csrf jenkins +4
CSRF, XXE, and 12 Other Security Acronyms Explained 8 months, 3 weeks ago | dev.to
csrf devops explained other +4
CSRF leads to account takeover in Yahoo! 9 months, 2 weeks ago | www.reddit.com
account account takeover csrf netsec +2
Reddit patches CSRF vulnerability that forced users to view NSFW content 9 months, 2 weeks ago | portswigger.net
csrf patches reddit vulnerability
[remote] Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF) 9 months, 3 weeks ago | www.exploit-db.com
cross-site csrf forgery msm +2
The State of CSRF Vulnerability in 2022 9 months, 3 weeks ago | www.reddit.com
csrf netsec state vulnerability
Understanding and Dealing with Cross-Site Request Forgery Attacks (CSRF) in GraphQL 10 months ago | www.reddit.com
attacks cross-site csrf cybersecurity +3
Blind Attacks: Understanding CSRF (Cross Site Request Forgery) 10 months ago | hackernoon.com
attacks csrf csrf-attacks cybersecurity +7
Understanding CSRF Attacks 10 months ago | dev.to
attacks csrf express javascript +2
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed 10 months, 2 weeks ago | blog.malwarebytes.com
accounts attack bugs captcha +14
How to Protect Your Web Apps Using Anti-CSRF Tokens? 10 months, 3 weeks ago | securityboulevard.com
anti-csrf tokens application security apps csrf +6
[webapps] WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF) 10 months, 3 weeks ago | www.exploit-db.com
blue cross-site csrf forgery +5
[remote] Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF) 11 months, 2 weeks ago | www.exploit-db.com
controls cross-site csrf delta +2
[webapps] Fuel CMS 1.5.0 - Cross-Site Request Forgery (CSRF) 11 months, 2 weeks ago | www.exploit-db.com
cms cross-site csrf forgery +3
OWASP® Global AppSec US 2021 Virtual – Jim Manico’s ‘Keynote: Request Forgery On The Web … 11 months, 2 weeks ago | securityboulevard.com
application security appsec appsec conferences appsec education +15
[webapps] qdPM 9.2 - Cross-site Request Forgery (CSRF) 11 months, 4 weeks ago | www.exploit-db.com
cross-site csrf forgery site +1
[webapps] ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion 11 months, 4 weeks ago | www.exploit-db.com
account cross-site csrf forgery +2
[webapps] WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF) 1 year ago | www.exploit-db.com
cross-site csrf forgery plugin +4
Introduction to CSRF: How can a cookie get you hacked 1 year ago | www.reddit.com
cookie csrf hacked netsec
[webapps] ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Takeover 1 year ago | www.exploit-db.com
account account takeover cross-site csrf +4

Items published with this topic over the last 90 days.

Want more? See the current trends of the most popular topics in InfoSec / Cybersecurity on our Trends index page.

Latest

CSRF Takedown: Defeating Web Exploits with Code 3 days, 18 hours ago | infosecwriteups.com
code csrf cybersecurity exploitation +4
csrf 3 days, 19 hours ago | www.reddit.com
csrf cybersecurity
[webapps] Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass 5 days, 8 hours ago | www.exploit-db.com
bypass csrf injection log +4
Nonsense, mayhem, browser security, CSRF, and CORS - Part 1 2 weeks, 2 days ago | www.reddit.com
browser browser security cors csrf +2
Ex
WordPress WoodMart Theme &lt; = 7.1.1 - Theme License Options Change via CSRF 3 weeks, 6 days ago | www.exploitalert.com
change csrf license options +2
Ex
WordPress Real Estate 7 Theme &lt; = 3.3.4 - Multiple Cross-Site Request Forgery CSRF Vulnerabilit 3 weeks, 6 days ago | www.exploitalert.com
cross-site cross-site request forgery csrf forgery +4
WordPress Plugins Security Analysis 1 month ago | infosecwriteups.com
analysis bug bounty csrf hades +6
Cross-Site Request Forgery (CSRF) Attack: What It Is, How It Works, and How to Prevent … 1 month, 2 weeks ago | www.reddit.com
attack cross-site cross-site request forgery csrf +4
How I Was Able to Takeover User Accounts via CSRF on an E-Commerce Website 1 month, 2 weeks ago | infosecwriteups.com
accounts bug bounty bug-bounty-tips commerce +6
Chaining Bugs to get my First Bug Bounty 1 month, 3 weeks ago | infosecwriteups.com
account takeover bounty bug bug bounty +5
Exploiting CSRF chaining with IDOR 1 month, 3 weeks ago | infosecwriteups.com
bug bounty csrf ethical hacking exploiting +3
Understanding and Preventing CSRF AttackAbout CSRF 1 month, 3 weeks ago | infosecwriteups.com
bug bounty csrf hacking vulnerability +1
CSRF Where Token is duplicated in Cookie | 2023 1 month, 3 weeks ago | infosecwriteups.com
bug bounty cookie csrf hacking +3
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization 1 month, 3 weeks ago | packetstormsecurity.com
authorization csrf idor restaurant +2
Ex
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization 1 month, 4 weeks ago | www.exploitalert.com
authorization csrf idor restaurant +2
CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services 2 months, 1 week ago | www.securityweek.com
azure cloud security code code execution +6
Cross-site WebSocket hijacking 2 months, 1 week ago | infosecwriteups.com
bug bounty burpsuite cross-site csrf +5
CSRF leads to account takeover in Yahoo! 2 months, 2 weeks ago | infosecwriteups.com
account account takeover bug bounty csrf +4
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls 2 months, 2 weeks ago | packetstormsecurity.com
access access controls controls csrf +3
Ex
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls 2 months, 2 weeks ago | www.exploitalert.com
access access controls controls csrf +3
Strategies for effective CSRF mitigation 2 months, 3 weeks ago | www.reddit.com
csrf mitigation netsec
Ex
Wordpress Dsp Dating Csrf FIle Upload 2 months, 3 weeks ago | www.exploitalert.com
csrf dating dsp file upload +1
CVE-2018-25060 (csrf) 3 months ago | web.nvd.nist.gov
csrf cve
WordPress Vulnerability & Patch Roundup December 2022 3 months ago | blog.sucuri.net
csrf december patch vulnerability +6
Ex
PerfSONAR - v4.x &lt; = v4.4.5 - Partial Blind CSRF 4 months ago | www.exploitalert.com
csrf partial
Issue 210: CSRF vulnerability in F5, supply chain attacks, hacking APIs, GCP API security report 4 months ago | apisecurity.io
api apis api security attacks +11
Issue 209: CSRF in Plesk API-enabled server, top five API security myths, Ory Hydra authentication … 4 months, 2 weeks ago | apisecurity.io
api api security authentication csrf +5
Root RCE via CSRF (and other vulns) in F5 Big-IP devices [my original research] 4 months, 2 weeks ago | www.reddit.com
big big-ip csrf devices +6
CSRF in Plesk API enabled server takeover 4 months, 2 weeks ago | portswigger.net
api csrf server takeover
CSRF in Plesk API enabled privilege escalation 4 months, 2 weeks ago | portswigger.net
api csrf escalation privilege +1
SSA-478960 V1.0: Missing CSRF Protection in the Web Server Login Page of Industrial Controllers 4 months, 3 weeks ago | cert-portal.siemens.com
controllers csrf industrial login +6
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR [Bug Bounty Podcast] 5 months ago | www.youtube.com
bounty bug bug bounty csrf +6
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR 5 months ago | dayzerosec.com
bounty-podcast bug csrf facebook +5
CVE-2022-39287 (tiny-csrf) 5 months, 3 weeks ago | web.nvd.nist.gov
csrf cve tiny
Analysis and Remediation Guidance of CSRF Vulnerability in Csurf Express.js Middleware 6 months, 2 weeks ago | www.veracode.com
analysis csrf express guidance +3
Analysis and Remediation Guidance of CSRF Vulnerability in Csurf Express.js Middleware 6 months, 2 weeks ago | www.veracode.com
analysis csrf express guidance +3
Portswigger’s Lab write up: CSRF vulnerability with no defenses 6 months, 2 weeks ago | dev.to
csrf lab portswigger vulnerability +2
CSRF flaw in csurf NPM package aimed at protecting against the same flaws 7 months ago | portswigger.net
csrf flaw flaws npm +2
A CSRF vulnerability in the popular csurf package 7 months ago | www.reddit.com
csrf netsec package popular +1
Exploring the SameSite cookie attribute for preventing CSRF! 7 months, 4 weeks ago | www.reddit.com
cookie csrf netsec samesite
Jenkins security: Unpatched XSS, CSRF bugs included in latest plugin advisory 8 months ago | portswigger.net
advisory bugs csrf jenkins +4
CSRF, XXE, and 12 Other Security Acronyms Explained 8 months, 3 weeks ago | dev.to
csrf devops explained other +4
CSRF leads to account takeover in Yahoo! 9 months, 2 weeks ago | www.reddit.com
account account takeover csrf netsec +2
Reddit patches CSRF vulnerability that forced users to view NSFW content 9 months, 2 weeks ago | portswigger.net
csrf patches reddit vulnerability
[remote] Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF) 9 months, 3 weeks ago | www.exploit-db.com
cross-site csrf forgery msm +2
The State of CSRF Vulnerability in 2022 9 months, 3 weeks ago | www.reddit.com
csrf netsec state vulnerability
Understanding and Dealing with Cross-Site Request Forgery Attacks (CSRF) in GraphQL 10 months ago | www.reddit.com
attacks cross-site csrf cybersecurity +3
Blind Attacks: Understanding CSRF (Cross Site Request Forgery) 10 months ago | hackernoon.com
attacks csrf csrf-attacks cybersecurity +7
Understanding CSRF Attacks 10 months ago | dev.to
attacks csrf express javascript +2
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed 10 months, 2 weeks ago | blog.malwarebytes.com
accounts attack bugs captcha +14
How to Protect Your Web Apps Using Anti-CSRF Tokens? 10 months, 3 weeks ago | securityboulevard.com
anti-csrf tokens application security apps csrf +6
[webapps] WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF) 10 months, 3 weeks ago | www.exploit-db.com
blue cross-site csrf forgery +5
[remote] Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF) 11 months, 2 weeks ago | www.exploit-db.com
controls cross-site csrf delta +2
[webapps] Fuel CMS 1.5.0 - Cross-Site Request Forgery (CSRF) 11 months, 2 weeks ago | www.exploit-db.com
cms cross-site csrf forgery +3
OWASP® Global AppSec US 2021 Virtual – Jim Manico’s ‘Keynote: Request Forgery On The Web … 11 months, 2 weeks ago | securityboulevard.com
application security appsec appsec conferences appsec education +15
[webapps] qdPM 9.2 - Cross-site Request Forgery (CSRF) 11 months, 4 weeks ago | www.exploit-db.com
cross-site csrf forgery site +1
[webapps] ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion 11 months, 4 weeks ago | www.exploit-db.com
account cross-site csrf forgery +2
[webapps] WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF) 1 year ago | www.exploit-db.com
cross-site csrf forgery plugin +4
Introduction to CSRF: How can a cookie get you hacked 1 year ago | www.reddit.com
cookie csrf hacked netsec
[webapps] ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Takeover 1 year ago | www.exploit-db.com
account account takeover cross-site csrf +4

Topic trend (last 90 days)

Top (last 7 days)

CSRF Takedown: Defeating Web Exploits with Code 3 days, 18 hours ago | infosecwriteups.com
code csrf cybersecurity exploitation +4
[webapps] Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass 5 days, 8 hours ago | www.exploit-db.com
bypass csrf injection log +4

Latest InfoSec / Cybersecurity Jobs

View more jobs Post a job on infosec-jobs.com

Azure DevSecOps - Solution Architect

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Cybersecurity Champion

@ NielsenIQ | Chicago, IL, United States
View on infosec-jobs.com

Senior Information Security Analyst

@ QAD, Inc. | Wroclaw, Poland
View on infosec-jobs.com

VP, Information Security

@ TrueAccord | Remote
View on infosec-jobs.com

DevSecOps Engineer- (100%) ( w/m/d) - Valbonne - Hybrid Work

@ SMG Swiss Marketplace Group | Valbonne, France
View on infosec-jobs.com

Information Security Director - Attack Surface Management (100% US REMOTE)

@ Experian | Allen, TX, United States
View on infosec-jobs.com

Director - Cybersecurity and Compliance

@ Visa | Foster City, CA, United States
View on infosec-jobs.com

Senior Threat Analyst | Remote, USA

@ Optiv | Kansas City, MO
View on infosec-jobs.com

Senior Consultant (m/w/d) - Identity & Access Management

@ Infosys Consulting - Europe | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Associate Cybersecurity Analyst - SOC

@ Visa | Ashburn, VA, United States
View on infosec-jobs.com

Security Operations Networks Engineer - Hybrid Working

@ NECSWS | Nottingham, United Kingdom
View on infosec-jobs.com

Senior Application Security Engineer

@ Netcompany-Intrasoft | Athens, Greece
View on infosec-jobs.com