Access to has been suspended

I have suspended access to the tool due to concerns of CSRF vulnerabilities. Due to the nature of the pmt project, I have avoided suspending access to other parts of the website. I will update when I have more information to share.

If you have used the insta tool in the past, you should revoke GitHub API access immediately. To revoke the authorization, you can go to, and look through every application to find one called “insta” (and ones that you don’t know what they are if you have authorized other instances of, and click the Revoke button.

Due to the stagnant nature of the project, it is unlikely that a fix will be forthcoming.

I have taken action on behalf of the service. The insta service is operated by a third party that is independent of PMMP and Attempt has been made to establish contact.

This issue was disclosed publicly by @SOFe on December 10th (

Published: December 19 2016

  • category:
  • tags:
blog comments powered by Disqus