from
Hacker News
Top
New
Cache configuration change leading to account vulnerability
by
cfabianski
on 3/21/23, 4:41 PM with 1 comments
by
cfabianski
on 3/21/23, 4:42 PM
We wrote about it here
https://www.bearer.com/blog/loom-express-session-incident
and we also updated the famous NodeGoat project to bring more awareness around that kind of mis configuration
https://github.com/OWASP/NodeGoat/pull/286