Security Expert Re: Critical Glassdoor Vulnerability Impacts Both Job Seekers And Employers

By   ISBuzz Team
Writer , Information Security Buzz | Dec 14, 2020 08:15 am PST

A critical CSRF vulnerability found on the Glassdoor company review platform impacted both job seekers and employers on the web domain.  The vulnerability could be exploited to take over accounts.  

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jayant Shukla
Jayant Shukla , CTO and co-founder
December 14, 2020 4:23 pm

The discovery of a CSRF vulnerability in the Glassdoor site is a good reminder that CSRF remains a critical web application risk, and has appeared often on the OWASP Top 10 web application risks list. The fact that CSRF vulnerabilities continue to exist in web sites and applications like Glassdoor shows that not enough organizations test and protect their websites and applications against common web application vulnerabilities.

NIST recently updated their SP800-53 Security and Privacy Framework to add focus on these issues by including RASP (Runtime Application Self-Protection) and IAST (Interactive Application Security Testing). These types of security solutions more effectively target the risks outlined by the current and past OWASP Top 10 lists.

Last edited 3 years ago by Jayant Shukla

Recent Posts

Would love your thoughts, please comment.x