Skip to content
This repository was archived by the owner on Feb 7, 2024. It is now read-only.
This repository was archived by the owner on Feb 7, 2024. It is now read-only.

XSRF vulnerability #7

Open
Open
@luelista

Description

@luelista

I noticed that FreshDNS is vulnerable to Cross-Site Request Forgery, allowing an attacker to e.g. delete all zones on your server if they can get you to load a website containing their javascript while you're logged in to FreshDNS in the same browser.
It is fixed (hopefully) in my merge request #6

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions