Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: Need help figure out this Security vulnerability on this cgi code

by Anonymous Monk
on Apr 01, 2012 at 03:24 UTC ( [id://962825]=note: print w/replies, xml ) Need Help??


in reply to Need help figure out this Security vulnerability on this cgi code

In what way is this question different from Need help figure out CSRF vulnerability on this cgi code?

  • Comment on Re: Need help figure out this Security vulnerability on this cgi code

Replies are listed 'Best First'.
Re^2: Need help figure out this Security vulnerability on this cgi code
by planetscape (Chancellor) on Apr 01, 2012 at 04:29 UTC
[reply]
      Well..It's all fromm the same App...the Security vulnerability reported by the Appscan is different & on another cgi Script...This according to the CWE-ID :598 "Information Exposure Through Query Strings in GET Request-The web application uses the GET method to process requests that contain sensitive information, which can expose that information through the browser's history, Referers, web logs, and other sources. "
[reply]

        Well..It's all fromm the same App...the Security vulnerability reported by the Appscan is different & on another cgi Script

        Well, the answer doesn't change much, fix your html templates to appease "Appscan"

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://962825]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others lurking in the Monastery: (2)
As of 2024-04-26 03:14 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found