“Internet domain registrar GoDaddy has rushed to fix a cross-site request forgery (CSRF) vulnerability that could have been leveraged by malicious actors to take over domains.
The flaw was identified on January 17 by New York-based security engineer Dylan Saccomanni while managing a domain. The expert realized that the company had not implemented any CSRF protections for many DNS management actions.”
(Source: CSRF Flaw Allowed Attackers to Hijack GoDaddy Domains | SecurityWeek.Com
