3 matches found
Some of the REST resources in Navigator plugin are susceptible to XSRF attacks
Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...
Some of the REST resources in Navigator plugin are susceptible to XSRF attacks
Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...
Some of the REST resources in Navigator plugin are susceptible to XSRF attacks
Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...