all InfoSec news
Thoughts about reporting SPA as Broken access control
Sept. 5, 2023, 3:45 p.m. | /u/EpicBot
cybersecurity www.reddit.com
I recently received a pen testing report for an SPA (Single Page Application) with only one major vulnerability reported, with a CVSS of 8.1.
The reported issue is classified as "Broken access control".
In this deficiency, they report that by patching the client-side authentication logic in the SPA or using a proxy and modifying the authentication response from the server.
They then …
access access control application broken access control classified control cvss cybersecurity issue major page pen pen testing report reporting rules single single page application spa testing thoughts vulnerability
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
12 hours ago |
www.reddit.com
State of WiFi Security in 2024
13 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
15 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC