[openstreetmap/openstreetmap-website] [Security] CSRF bypass that can lead to account takeover (#3089)
Fazle Rabbi
notifications at github.com
Fri Apr 9 12:31:28 UTC 2021
> Well, this issue already includes all the relevant details. It was clear enough to reproduce it locally at least.
I just check! Thanks for clarification. I was reading this on `rails-dev` mailing list, and it only showed the first part not the 'Updated comment after the fix is deployed:' part, so I missed it all. Thanks again! :pray:
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3089#issuecomment-816648548
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210409/00466ae4/attachment.htm>
More information about the rails-dev
mailing list