The New York Times; ING Direct, a U.S. savings bank; Google’s YouTube; and MetaFilter, a blogging site are alleged to be vulnerable to CSRF (cross-site request forgery,) reports InfoWorld.
The type of flaw, called CSRF (cross-site request forgery), allows an attacker to perform actions on a Web site on behalf of a victim who is already logged into the site.
Yet another thing to look out for when coding web pages and it also proves that vulnerability assessments are incredibly important.
[Prominent Web sites have serious coding flaw]
Filed Under: Tech News