Actually, I think craigslist probably views this more as a feature than an exploit. Since you don't need an account to post on craigslist, they can't do normal cookie based authentication, so they just give you a secret url for editing your page. Unfortunately, the only thing secret about the url is a 5 character alpha-numeric string, which I suppose would be possible to brute force.
Actually, I think craigslist probably views this more as a feature than an exploit. Since you don't need an account to post on craigslist, they can't do normal cookie based authentication, so they just give you a secret url for editing your page. Unfortunately, the only thing secret about the url is a 5 character alpha-numeric string, which I suppose would be possible to brute force.