A patch was added to the hard fork release this month, but the default is to have it disabled?!? Be aware.
Beware Monero users: CSRF vuln allows remote compromise of wallet.
A patch was added to the hard fork release this month, but the default is to have it disabled?!? Be aware.
[2 Points] avgeca:
[0 Points] jack19056:
LOL
bug was already known (thx to responsible disclosure by MRW) and has been fixed:
https://getmonero.org/2016/09/21/a-statement-on-the-mwr-labs-disclosure.html