Support #5400

[SCP ID :##2739##] : Pentest result.

Added by Zahir Abd Latif about 9 years ago. Updated over 8 years ago.

Status:Closed - End of life cycleStart date:July 22, 2015
Priority:NormalDue date:
Assignee:Zahir Abd Latif% Done:

0%

Category:-Spent time:-
Target version:-

Description

Hi,
Kindly attend below request:

Need your help to fix below item as pentest result :

www.bankbii.com: Session cookie without secure and httponly flags
www.bankbii.com: Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
www.bankbii.com: Improper control of Interaction Frequency in Credit Card Payment

History

#1 Updated by Zahir Abd Latif about 9 years ago

Dear Gabby,

Kindly assist to update the current status or any finding/progress on this issue in Redmine.

Thanks.

#2 Avatar?id=2607&size=24 Updated by Rayvandy Gabbytian about 9 years ago

Dear Zahir,

I have not look into this issue yet (item #1 & item #2)
Item #3 needs business team to make a suggestion because it requires captcha addition in the BII CC Payment detail screen.

Thank you.

#3 Updated by Zahir Abd Latif almost 9 years ago

  • Status changed from New - Begin Life Cycle to Pending Customer Feedback

Pending business team to make decision to use captcha or not.

#4 Updated by Tan Lee Yong over 8 years ago

Hi Gabby, can we close this case? We can't wait for ever for customer to come back (been 8 months waiting already). Tell customer we had deliver this and anything they can open new case.

Zahir, close this case on next Wednesday if we didn't hear back from Gabby or customer.

#5 Updated by Zahir Abd Latif over 8 years ago

  • Status changed from Pending Customer Feedback to Closed - End of life cycle
  • Assignee changed from Rayvandy Gabbytian to Zahir Abd Latif

Also available in: Atom PDF