Glassdoor Corrects CSRF Bug
A bug bounty hunter has discovered a critical vulnerability on employer review platform Glassdoor’s web domain. The flaw involves a cross-site request forgery (CSRF) that, if exploited, could allow attackers to hijack user accounts.
Cyberwire covered the news, also tapped K2’s CTO Jayant Shukla, who provides commentary on the security event.