theljstaff (theljstaff) wrote in lj_support,
theljstaff
theljstaff
lj_support

Vulnerabilities in LiveJournal fixed thanks to SECENTIS researchers

Umberto Morelli and Nicolas Dolgin, researchers from SECENTIS, the European industrial PhD focused on computer security, have recently discovered some Cross-Site Request Forgery (CSRF) vulnerabilities in LiveJournal, and have kindly pointed them out to LiveJournal Support Team.

We would like to publicly acknowledge the impact made by Umberto and Nicolas. Thanks to their prompt and thorough report, said vulnerabilities have been timely fixed by LiveJournal developers.

The Team reminds that bug-reports and security reports can be sent to support@livejournal.com. We greatly appreciate your feedback!
Subscribe

  • Support changes

    Hi everyone! After careful consideration, support staff have decided that a few changes are needed to the support system in order to keep everything…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    switch
    default userpic

    Your reply will be screened

    Help
  • 7 comments