Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

SAK Single-page Application Site by SC5 online Vulnerable

Jul 29, 2013 9:16PM PDT

Users of the SAK.fi single-page application website have spotted coming-in request validation vulnerabilities. One user also found that the website was vulnerable to xss and Cross-Site Request Forgery (CSRF) Attacks. SC5 online ltd helped SAK develop their new site as a fast-loading single-page application (SPA). One of their key developers Martti Malmi is said to have also helped develop the POP Vakuutus that is vulnerable to HTML5 attacks.

Attempts to reach either company have bore no fruit but we hope that users can be careful while using such websites.

Discussion is locked