Lego fixes dangerous API vulnerability in BrickLink service


The application programming interface (API) security flaws were discovered by Salt Labs, the research division of API guru Salt Security, and were immediately fixed by The Lego Group in its BrickLink digital resale platform.

BrickLink is the biggest marketplace for buying and selling used Lego sets in the world, with over a million users. Through the eBay-style site, significant quantities of money are exchanged, with popular kits like the Hogwarts Express from Lego’s Harry Potter series frequently selling for close to their original retail price.

Read More…