Recently, the Checkmarx Security Research Team was looking for API security issues in high-profile web applications, including Meetup.com. In addition to some more-common API issues, we also found some serious cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities, which may put users at risk. Full descriptions of Checkmarx’s findings can be found in this report.
The Checkmarx Security Research Team is committed to providing organizations with actionable insight to support their efforts of building more secure software. Producing a variety of research reports, the Checkmarx Team helps all technology users better understand the most prominent software and application issues impacting today’s digital world. We all have a responsibility to build software security into everything we deliver, and the Checkmarx Security Research Team is at the forefront of this mission.
Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive Software Security Platform that unifies with DevOps and provides static and interactive application security testing, software composition analysis and developer AppSec awareness and training programs to reduce and remediate risk from software vulnerabilities. Checkmarx is trusted by more than 40 percent of the Fortune 100 and half of the Fortune 50, including leading organizations such as SAP, Samsung and Salesforce.com.