French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
Tag Archives: CSRF
SearchBlox Fixes XSS, File Upload Flaws
SearchBlox, a provider of enterprise search technology, has patched several serious vulnerabilities in its flagship product, including cross-site scripting, cross-site request forgery and other issues. The company, which sells a variety of enterprise search products, has released version 8.2 of the main SearchBlox product to address the vulnerabilities, which were report to the CERT/CC at […]
CSRF Vulnerability Exposed Hilton Hotel Member Accounts
A cross-site request forgery (CSRF) vulnerability in the website of hotel chain Hilton Worldwide could have inadvertently compromised much of its users personal information.
CSRF Vulnerability Patched in GoDaddy Domain Settings
A cross site request forgery vulnerability in GoDaddy domain settings has been patched two days after it was reported to the domain registrar.
WordPress Plugins Bogged Down with CSRF, XSS Vulnerabilities
A handful of bugs, mostly XSS and CSRF vulnerabilities, have been plaguing at least eight different WordPress plugins as of late.