Godaddy Domain Vulnerability

Discussion in 'BlackHat Lounge' started by JournoNick, Jan 21, 2015.

  1. JournoNick

    JournoNick Power Member

    Joined:
    Feb 11, 2014
    Messages:
    616
    Likes Received:
    312
    Location:
    on the frontline
    Just read that GoDaddy has patched a Cross-Site Request Forgery (CSRF or XSRF) vulnerability. I'm just posting here so people that do have domains with Godaddy may be concerned. This is just a "keep in the loop" type post.

    Code:
    http://breakingbits.net/2015/01/18/taking-over-godaddy-accounts-using-csrf/
    Godaddy had patched it. I'm not a penetration tester so I'm not entirely sure what it means, but maybe check your domains if you have an authority site.

    Ta
     
    • Thanks Thanks x 1