GoDaddy patches CSRF security flaw allowing editing domain records

Posted by DomainGang on January 20, 2015, at 2:13 pm

A security expert reported that a Cross-Site Request Forgery (CRSF) vulnerability at GoDaddy, allowed third parties to potentially edit and manipulate domain records arbitrarily. “While I was managing an old domain in GoDaddy, I noticed that there was absolutely no cross-site request forgery protection at all on many GoDaddy DNS management actions, which are state-changing […]

Filed under Domain News · Tagged with CSRF GoDaddy, DomainGang.com, Domainers, Domaining, Domains, GoDaddy, domain name gang, domain news, domain news done right, domaingang, security flaw

PayPal: OpenID security flaw did not affect PayPal customer accounts

Posted by DomainGang on May 5, 2014, at 8:12 pm

A new security flaw that affected users of open source login tools, OAuth 2.0 and OpenID did not affect PayPal accounts, stated PayPal today. The vulnerability affected numerous other web sites that utilize those two methods of logging into services, including some offered by PayPal. The statement was as follows: “As always, it’s important to […]

Filed under Domain News · Tagged with DomainGang.com, Domainers, Domaining, Domains, OAuth 2.0 security, OpenID security, Paypal, domain name gang, domain news, domain news done right, domaingang, security flaw

GoDaddy patches CSRF security flaw allowing editing domain records

PayPal: OpenID security flaw did not affect PayPal customer accounts

A year ago today!

Archives

CATEGORIES

Recent Comments