It was brought to our attention that Flowchart.com had couple of security “issues” - Which have been fixed.
1) There was a possibility of someone using brute force to attack user accounts as we did not time out login attempts.
2) There was a possibility of XFS (Cross Frame Scripting) attack, whereby our embeded flowchart feature could be misused.
Not huge issues per-se, but issues none the less. Folks from “ethical” hacking site techdefencelabs.com (especially Smit Shah ) sent over an email mentioning the issues along with option to get a bounty for bug report or option to publicly mention them. Since we don’t provide a bounty, next best thing was this blog post to thank them. We appreciate their report. Thank you Smit.