CSRF Vulnerability in NSA’s SkillTree Training Platform Discovered by Contrast IAST | Contrast Security – Security Boulevard

Contrast Security Assess — Contrast’s Interactive Application Security Testing (IAST) Application Security (AppSec) technology — has uncovered a vulnerability in a training platform called SkillTree that’s maintained on GitHub by the National Security Agency (NSA). 

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Joseph Beeton, Senior Application Security Researcher, Contrast Security. Read the original post at: https://www.contrastsecurity.com/security-influencers/csrf-vulnerability-in-nsas-skilltree-training-platform-discovered-by-contrast-iast-contrast-security