CSRF flaw in csurf NPM package aimed at protecting against the same flaws

05-Sep-22

Cross-site request forgery (CSRF) weakness in the open source csurf software was discovered by pen testers looking for low-severity bugs. When a client asked them to look through a penetration testing report, researchers from the UK-based cybersecurity business Fortbridge were summoned.

A CSRF cookie lacking a secure flag was one vulnerability raised. The team started digging after discovering something intriguing. Forbridge cloud application security consultant Adrian Tiron wrote about this in a blog post on August 28. Read More…

Solutions
Solutions

Services
Services

Copyright © 2024 Infopercept Consulting Pvt. Ltd.. All rights reserved. Privacy Policy / Terms of Use / Cookie preferences