GoDaddy patches CSRF security flaw allowing editing domain records

A security expert reported that a Cross-Site Request Forgery (CRSF) vulnerability at GoDaddy, allowed third parties to potentially edit and manipulate domain records arbitrarily. “While I was managing an old domain in GoDaddy, I noticed that there was absolutely no cross-site request forgery protection at all on many GoDaddy DNS management actions, which are state-changing […]

Copyright © 2024 DomainGang.com · All Rights Reserved.

PayPal: OpenID security flaw did not affect PayPal customer accounts

A new security flaw that affected users of open source login tools, OAuth 2.0 and OpenID did not affect PayPal accounts, stated PayPal today. The vulnerability affected numerous other web sites that utilize those two methods of logging into services, including some offered by PayPal. The statement was as follows: “As always, it’s important to […]

Copyright © 2024 DomainGang.com · All Rights Reserved.