- OpenX Community Forums

Welcome Guest ( Log In | Register )

 
 Reply to this topicStart new topic
> Csrf Vulnerability In 2.8.8 Bring Actively Exploited
mbaldwin333
post Apr 30 2012, 05:58 PM
Post #1


Beginner
*

Group: Members
Posts: 4
Joined: 20-April 12
Member No.: 172,183
Dear OpenX,

I would like to bring a security issue to your attention. OpenX Source 2.8.8 is vulnerable to cross site request forgery attacks and it is being actively exploited. Moreover, I have evidence that some of the attacks are originating from adserver.openx.org! The details of my investigation can be found at http://www.infosecstuff.com/openx-csrf-vul...vely-exploited/. This issue needs to be resolved as it is having a negative impact on the OpenX brand, including OpenX Enterprise. Either fix the issues or stop providing OpenX Source.

To the OpenX Source community, this vulnerability affects all versions of OpenX Source. OpenX Source users should be vigilant and follow the remediation tips in the article.

Thank You
Go to the top of the page
 
+Quote Post
 

Reply to this topicStart new topic

 

Blog  |  Newsletter  |  Advertisers  |  Partners  |   About Us   |   Terms   |   Privacy     

© 2009 OpenX
Locations of visitors to this page