Support #13287

[SCP ID :##6488##] : VAPT Findings - BIF-103420 - Kelemahan Backdate Send New Nootification

Added by Zahir Abd Latif almost 2 years ago. Updated almost 2 years ago.

Status:Closed - End of life cycleStart date:October 26, 2022
Priority:NormalDue date:
Assignee:Zahir Abd Latif% Done:

100%

Category:-Spent time:-
Target version:-

Description

Hi,
Kindly attend below request:-

Deskripsi :

Pengujian pada aplikasi BIFAST menunjukan aplikasi memiliki kelemahan backdate fungsi expiry date dalam send new notification

Situs Target :

http://10.170.136.228/bifast-portal/ss119/sendMailConfirm.do

Rekomendasi :

Kami sarankan untuk implementasi verifikasi pada tanggal yang digunakan dalam fungsi untuk mencegah serangan backdate

9. Send New Notification.png (375 KB) Zahir Abd Latif, October 26, 2022 20:05

9.1 Send New Notification.png (425 KB) Zahir Abd Latif, October 26, 2022 20:05

9.2 Send New Notification.png (224 KB) Zahir Abd Latif, October 26, 2022 20:05

History

#1 Updated by Stephanie Sufrapto almost 2 years ago

  • Status changed from New - Begin Life Cycle to User Acceptance Test
  • Assignee changed from Bramantyo Pujo Wiyono to Zahir Abd Latif
  • % Done changed from 0 to 100

Provide patch Version 2.0.105 at 8 October 2022

#2 Updated by Zahir Abd Latif almost 2 years ago

  • Status changed from User Acceptance Test to Closed - End of life cycle

Issue closed in SCP.

Also available in: Atom PDF