New Relic: CSRF - Regenerate all admin api keys
Hi The request to regenerate all admin api keys is a GET request without CSRF protection. As such, you can regenerate someone's keys using csrf. While not too big of an issue the admin can always see the keys and use them its certainly annoying and can cause business disruption. Additionally, a...