Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
*** Serious vulnerability
02-19-2014, 10:38 PM,
#12
RE: *** Serious vulnerability
(02-19-2014, 10:30 PM)Forums Wrote: The macro _must_ authenticate or otherwise by definition the data is available for anybody to view.

Tim
That's correct, but there are other ways to feed the macro most likely.

Is there any vulnerability reporting and fix process for webERP? I think it could be useful to have even though the use might occur rarely. Might help so we don't feed anyone that might be bored enough to want to go play with their new found knowledge.
Reply


Messages In This Thread
*** Serious vulnerability - by Forums - 02-15-2014, 10:46 PM
RE: Potential vulnerability - by agaluski - 02-18-2014, 12:00 AM
RE: Potential vulnerability - by Forums - 02-18-2014, 12:33 AM
RE: Potential vulnerability - by icedlava - 02-19-2014, 06:00 PM
RE: Potential vulnerability - by phil - 02-19-2014, 06:24 PM
RE: Potential vulnerability - by icedlava - 02-19-2014, 06:30 PM
RE: Potential vulnerability - by Forums - 02-19-2014, 07:28 PM
RE: Potential vulnerability - by icedlava - 02-19-2014, 08:55 PM
RE: Potential vulnerability - by Forums - 02-19-2014, 09:12 PM
RE: Potential vulnerability - by icedlava - 02-19-2014, 10:24 PM
RE: *** Serious vulnerability - by Forums - 02-19-2014, 10:30 PM
RE: *** Serious vulnerability - by icedlava - 02-19-2014, 10:38 PM
RE: *** Serious vulnerability - by Forums - 02-19-2014, 11:22 PM
RE: *** Serious vulnerability - by jo lwebuga - 02-20-2014, 02:35 AM
RE: *** Serious vulnerability - by phil - 02-20-2014, 01:00 PM

Forum Jump:


Users browsing this thread: 2 Guest(s)