MySeq (Security Unlock)
InfoSec 2.0 :: REM :: Mobile :: RPi
Tuesday, July 21, 2009
I've been introduced to this
topic recently. It is a very nice write-up.
Basically this vulnerability requires that you are exposing a JSON service which…
Returns sensitive data with a JSON array.
Responds to GET requests.
This type of attack seems similar as a variant of a
Cross Site Request Forgery (CSRF)
Share to Twitter
Share to Facebook
Share to Pinterest