Support #13296
[SCP ID :##6497##] : VAPT Findings - BIF-103440- Kelemahan IDOR - Mailbox Read
Status: | Closed - End of life cycle | Start date: | October 26, 2022 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Zahir Abd Latif | % Done: | 100% | |
Category: | - | Spent time: | - | |
Target version: | - |
Description
Hi,
Kindly attend below request:-
Deskripsi :
Pengujian pada aplikasi BIFAST menunjukan aplikasi memiliki kelemahan terhadap serangan insecure direct object reference dimana penyerang bisa melihat informasi mailbox dengan mengganti parameter "mailid"
Sistem Target :
Rekomendasi :
Kami sarankan untuk implementasi pencegahan berikut :
History
#1 Updated by Stephanie Sufrapto almost 2 years ago
- Status changed from New - Begin Life Cycle to Pending UAT Deployment
- Assignee changed from Bramantyo Pujo Wiyono to Zahir Abd Latif
- % Done changed from 0 to 100
Provide patch Version 2.0.105 at 8 November 2022
#2 Updated by Zahir Abd Latif almost 2 years ago
- Status changed from Pending UAT Deployment to Closed - End of life cycle
Issue closed in SCP.