On 30 Nov 2009, at 07:48, John Dos wrote: > After passing the Basic Auth login you can create/delete applications.
If Basic auth is the only protection, isn't dotDefender also vulnerable to XSRF?
- Remote Command Execution in dotDefender Site Management John Dos
- Re: [Full-disclosure] Remote Command Execution in dotDe... Andrew Farmer
- Re: [Full-disclosure] Remote Command Execution in dotDe... Henri Salo
