Comments on: fixing csrf for jforum and csrf filter analysis (part 1)

By: fixing clickjacking and brute force login for jforum | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sun, 28 Sep 2014 16:26:54 +0000

[…] of the security fixes we’ve made in the CodeRanch fork of JForum such as XSS with quotes and CSRF. Today it is time to write about Clickjacking and preventing brute force […]

By: fixing JForum XSS error in PM module with quotes | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sat, 24 May 2014 17:05:59 +0000

[…] A member reported a XSS vulnerability in stock JForum 2.1.9. We confirmed it was a vulnerability/exposure on CodeRanch as well and fixed our fork. Luckily, it was an easy fix unlike the CSRF problems last year. […]

By: csrf defenses at app sec usa | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sun, 24 Nov 2013 21:40:19 +0000

[…] take CSRF isn’t new to me. See what we did at CodeRanch. I think it is an important topic though and it was interesting to see about other solutions. The […]

By: csrf – jforum cleanup and problems | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sat, 23 Mar 2013 16:06:17 +0000

[…] fixing csrf for jforum and csrf filter analysis (part 1) […]

By: csrf for JForum without javascript | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sat, 23 Mar 2013 16:04:08 +0000

[…] fixing csrf for jforum and csrf filter analysis (part 1) […]

By: csrf – extending the owasp solution and “interesting” IE javascript bugs (part 2) | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

Sat, 09 Feb 2013 15:54:45 +0000

[…] fixing csrf for jforum and csrf filter analysis (part 1) […]