[openstreetmap/openstreetmap-website] [Security] CSRF bypass that can lead to account takeover (#3089)

Fazle Rabbi notifications at github.com
Fri Apr 9 11:01:23 UTC 2021


> https://mobile.twitter.com/Joshibeast/status/1358799082182090757

Thanks @mmd-osm! By public disclosure I understand a blog or any publicly available web page where the what and how of the vulnerability is described with an additional PoC (cherry on top!), or at least that is what I have seen commonly. The Twitter link just points back to this issue.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3089#issuecomment-816602904

