ENXF NET
Administrator
Staff member
Administrator
Moderator
+Lifetime VIP+
S.V.I.P.S Member
S.V.I.P Member
V.I.P Member
Collaborate
Registered
- Joined
- Nov 13, 2018
- Messages
- 27,614
- Points
- 823
Starting a connected account association is done via
Example
Start associate account with Google
Suggested Mitigation
Only start the process with
Continue reading...
GET, this allows to trick users into clicking a link that starts a connected account association which they might not want to perform.Example
Start associate account with Google
Suggested Mitigation
Only start the process with
POST, if called via GET show a confirmation (or an error if it's not a navigational request).Continue reading...