Filippo Valsorda is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Filippo Valsorda @filippo

You can't make this up. Nomx is now claiming that their un-authenticated CSRF leading to admin privileges on a public URL poses "non-existing threat" because "the user must visit a hacked website".
infosecurity-magazine.com/news
That's it. CSRF is solved folks! You wanted to rework the OWASP Top 10 anyway, no?

· Amaroq · 12 · 18
mastodon.social powered by Mastodon