Y
Hacker News
new
|
ask
|
show
|
jobs
by
zuck9
4098 days ago
Seems like someone who uses LastPass got XSRF'd: view-source:
http://ramarchy.com/
1 comments
sejit
4098 days ago
The source has changed since your post. If I use LastPass and visited the site, should I be worried? What did the script do?
link
tokenizerrr
4098 days ago
The script grabbed document.documentElement.innerHTML and resubmitted it as the new page contents. See my post above regarding CSRF.
link