Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re: Need help figure out this Security vulnerability on this cgi code

by Anonymous Monk
on Apr 01, 2012 at 03:24 UTC ( #962825=note: print w/ replies, xml ) Need Help??

Comment on Re: Need help figure out this Security vulnerability on this cgi code
Re^2: Need help figure out this Security vulnerability on this cgi code
by planetscape (Canon) on Apr 01, 2012 at 04:29 UTC
      Well..It's all fromm the same App...the Security vulnerability reported by the Appscan is different & on another cgi Script...This according to the CWE-ID :598 "Information Exposure Through Query Strings in GET Request-The web application uses the GET method to process requests that contain sensitive information, which can expose that information through the browser's history, Referers, web logs, and other sources. "

        Well..It's all fromm the same App...the Security vulnerability reported by the Appscan is different & on another cgi Script

        Well, the answer doesn't change much, fix your html templates to appease "Appscan"

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://962825]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2014-11-23 12:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My preferred Perl binaries come from:














    Results (131 votes), past polls