Plone Cross-Site Request Forgery

If you have been paying attention to Plone checkins, you might have noticed some checkins mentioning CSRF (Cross-Site Request Forgery) flying by. Today Secunia released an advisory about the issue.

As can be seen from the referenced paper, web technologies make some things just way too simple to hack around.

On a unrelated note, call me luddite, but I really think moving our life to the cloud presents way more unforeseen threats than our little brains can imagine.


2 thoughts on “Plone Cross-Site Request Forgery

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.