Hi, Orkut is vulnerable to CSRF. just to confirm login into orkut and prepare a html page with following code.
<html> <img src="http://www.orkut.co.in/GLogin?cmd=logout";> </html> save this file as html and in a new tab open this html file and go the previous logged in tab and try to click on any link and see u will get logged out from the application. On 13 June 2010 20:53, Amar Deep <[email protected]> wrote: > Hi, > > THe Information what we are providing is only to have a awarenes on the > security issues not that any > one can do inpratical on that ,so our rquest is just learn the things and > if any new from your side plz make known about that issue to every one. > > > > Regards, > > T.Amardeep, > > -- > You received this message because you are subscribed to the Google Groups > "nforceit" group. > To post to this group, send an email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<nforceit%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/nforceit?hl=en-GB. > -- Regards, kishore sangaraju -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
