the whole world burns

Archive for category 'csrf'

More CSRF issues with Flash crossdomain policy files

 # [via]

More and more, web app security looks like a house of cards.

forging arbitrary HTTP request headers with Flash

 #

That's a pretty nasty vulnerability.

Small things, links and miscellany, sparkling with light. Sam's tumblelog.

Related Tags