news-highlightsGlassdoor Corrects CSRF Bug | K2 Security | Web Application Platform

Glassdoor Corrects CSRF Bug

News Highlights

December 15, 2020

Glassdoor Corrects CSRF Bug

A bug bounty hunter has discovered a critical vulnerability on employer review platform Glassdoor’s web domain.  The flaw involves a cross-site request forgery (CSRF) that, if exploited, could allow attackers to hijack user accounts.

Cyberwire covered the news, also tapped K2’s CTO Jayant Shukla, who provides commentary on the security event.

Read the Cyberwire article here


K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131