« Firefox 3.0.6 Released To Address Multiple Security Issues | Main | PHP filesystem attack vectors »

Revising netflix's CSRF

Dave Ferguson writes

"Back in 2006, I put out some findings about CSRF on Netflix's web site.  I thought people might be interested to know that I revisited the issue recently and was shocked to find Netflix
still hasn't fixed all their CSRF issues, at least when it comes to movie queues.  You can read more about it here:



Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Certainly it's easy to fix, I bet NFlix left it in for a business reason - some service probably depends on it.

Post a comment

Remember personal info?