Activity

From March 05, 2022 to April 03, 2022

March 25, 2022

18:43 Agrobank Change Request Change #8187 (Closed - End of life cycle): [CR_Security Token] - UPASS Identity & Multi Factor Au...: Old record Tan Lee Yong
18:42 Agrobank Change Request Enhancement #6837 (Dropped-End of life cycle): To change process when upload token: Old record Tan Lee Yong
18:41 Agrobank Projects Change #6910 (Dropped-End of life cycle): Cron job to generate reconciliation report: Old record Tan Lee Yong
18:40 RPP Test Script Task #8261 (Dropped-End of life cycle): [Test Script] - 2.6 Dispute Management: Tan Lee Yong
18:40 RPP Test Script Task #8259 (Dropped-End of life cycle): [Test Script] - 2.2.5 Participant Liquidity Status: Old record Tan Lee Yong
18:39 RPP Test Script Task #8254 (Dropped-End of life cycle): [Test Script] - 2.1.7 Ad Hoc Charge Instruction: Old record Tan Lee Yong
18:39 RPP Test Script Task #8252 (Dropped-End of life cycle): [Test Script] - 2.1.5 Service Fee Maintenance: Old recordOld record Tan Lee Yong
18:39 RPP FSD Task #8169 (Closed - End of life cycle): [RPP FSD] - Report: Old record Tan Lee Yong
18:38 System Internal / Integration Test (SIT) Bug #8321 (Closed - End of life cycle): [Checker] Authorization: Old record Tan Lee Yong
18:38 System Internal / Integration Test (SIT) Bug #8359 (Closed - End of life cycle): Authorization: Old record Tan Lee Yong
18:38 System Internal / Integration Test (SIT) Bug #8361 (Closed - End of life cycle): [Admin] Authorization > Maker Authorization Log: Old record Tan Lee Yong
18:37 System Internal / Integration Test (SIT) Bug #8623 (Closed - End of life cycle): Unable to create Viewer.: Old record Tan Lee Yong
18:37 System Internal / Integration Test (SIT) Bug #8428 (Closed - End of life cycle): Participant User Group Maintenance > Edit: Old record Tan Lee Yong
18:36 System Internal / Integration Test (SIT) Bug #8426 (Closed - End of life cycle): Participant User Group Maintenance > Create: Old record Tan Lee Yong
18:35 System Internal / Integration Test (SIT) Bug #8671 (Closed - End of life cycle): Participant User Group Maintenance > Display Created Grou...: Old record Tan Lee Yong
18:35 Phase 2 Enhancement Bug #10851 (Closed - End of life cycle): [MERCHANT MAINT] Merchant Group Maintenance - Create : B...: Old record Tan Lee Yong
18:35 Phase 2 Enhancement Bug #10841 (Closed - End of life cycle): [MERCHANT MAINT] Merchant User Maintenance > Create : Br...: Old record Tan Lee Yong
18:34 Phase 2 Enhancement Bug #10866 (Closed - End of life cycle): [MERCHANT] Merchant Audit Trail: Old record Tan Lee Yong
18:32 Phase 2 Enhancement Bug #10900 (Closed - End of life cycle): [CONSENT ENQUIRY] : To test Consent Enquiry with invalid...: Old record Tan Lee Yong
18:32 Phase 2 Enhancement Bug #10921 (Closed - End of life cycle): Email Notification: Old record Tan Lee Yong
16:55 Phase 2 Enhancement Bug #11002 (Closed - End of life cycle): [AUTHORIZATION] : Authorize Refund: Old record Tan Lee Yong
16:55 Phase 2 Enhancement Bug #11002: [AUTHORIZATION] : Authorize Refund: Old record Tan Lee Yong
16:54 Phase 2 Enhancement Bug #11002: [AUTHORIZATION] : Authorize Refund: Old record Tan Lee Yong
16:54 Phase 2 Enhancement Bug #10963 (Closed - End of life cycle): [MERCHANT MANAGEMENT] : Merchant Profile > Edit Merchant...: Old record Tan Lee Yong
16:54 Phase 2 Enhancement Bug #10979 (Closed - End of life cycle): [Merchant Application] Save Function: Old record Tan Lee Yong
16:54 Phase 2 Enhancement Task #10905 (Closed - End of life cycle): To test on Phase 2 - Participant module: Old record Tan Lee Yong
16:53 Phase 2 Enhancement Bug #11011 (Closed - End of life cycle): [MERCHANT MANAGEMENT] : Merchant Product Management > Ed...: Old record Tan Lee Yong
16:49 Phase 2 Enhancement Bug #10919 (Closed - End of life cycle): [PENDING APPLICATION] : Email Notification for Return & ...: Old record Tan Lee Yong
16:48 Phase 2 Enhancement Bug #10920 (Closed - End of life cycle): [PENDING APPLICATION] : Application not save in authoris...: Old record Tan Lee Yong
16:48 Phase 2 Enhancement Bug #11164 (Closed - End of life cycle): [RPPBOP2_SIT118]: Merchant Maintenance > Merchant User M...: Old record Tan Lee Yong
16:48 Phase 2 Enhancement Bug #11165 (Closed - End of life cycle): [RPPBOP2_SIT119]: Merchant Maintenance > Merchant Enquir...: Old record Tan Lee Yong
16:47 Phase 2 Enhancement Bug #11166 (Closed - End of life cycle): [RPPBOP2_SIT120]: Merchant Maintenance > Merchant Enquir...: Old record Tan Lee Yong
16:47 Phase 2 Enhancement Bug #11163 (Closed - End of life cycle): [RPPBOP2_SIT117]: Merchant Maintenance > Pending Applica...: Old record Tan Lee Yong
16:47 Phase 2 Enhancement Bug #11168 (Closed - End of life cycle): [RPPBOP2_SIT122]: Merchant Maintenance > Merchant Enquir...: Old record Tan Lee Yong
16:47 Phase 2 Enhancement Bug #11167 (Closed - End of life cycle): [RPPBOP2_SIT121]: Merchant Maintenance > Merchant Enquir...: Old record Tan Lee Yong
16:46 Phase 2 Enhancement Bug #11169 (Closed - End of life cycle): [RPPBOP2_SIT124]: Merchant Registration > Email notifica...: Old record Tan Lee Yong
16:46 Phase 2 Enhancement Bug #11170 (Closed - End of life cycle): [RPPBOP2_SIT126]: Merchant Audit Trail: Old record Tan Lee Yong
16:42 PayNet SIT Log Bug #8509 (Closed - End of life cycle): [0000925] : Incorrect message displayed when activate aga...: Too old Tan Lee Yong
16:37 1. CDB_Phase 2 & 3 Development Bug #12381 (Development / Work In Progress): DuitNow - Arrangement of Mobile details receipt shou...: Issue is triggered when getting unordered set of value request from mobile.
Suspected occur during mfp which is con... Nurul Hasnieza Bt Mohd Zamri
16:36 1. CDB_Phase 2 & 3 Development Bug #12382 (Development / Work In Progress): Financing - Update mobile receipt to display same as...: Issue is triggered when getting unordered set of value request from mobile.
Suspected occur during mfp which is con... Nurul Hasnieza Bt Mohd Zamri
16:34 1. CDB_Phase 2 & 3 Development Bug #12383 (Development / Work In Progress): Corporate Card - Update mobile receipt to display sa...: Issue is triggered when getting unordered set of value request from mobile.
Suspected occur during mfp which is con... Nurul Hasnieza Bt Mohd Zamri

March 24, 2022

15:18 1. CDB_Phase 2 & 3 Development Bug #12388 (System Integration Test): DuitNow - "null" is displayed in Verifier Receipt when init...: Nurul Syahirah Md Nawi
15:18 1. CDB_Phase 2 & 3 Development Bug #12388: DuitNow - "null" is displayed in Verifier Receipt when initiate from Mobile: Tested & passed Nurul Syahirah Md Nawi
14:52 1. CDB_Phase 2 & 3 Development Bug #12388 (Internal Testing): DuitNow - "null" is displayed in Verifier Receipt when initiate fr...: Please test SIT build 266 version 3.2.10 for VPN Penril, and SIT build 267 for Internal BSN Susanto Felix Brilliant

March 23, 2022

14:16 1. CDB_Phase 2 & 3 Development Task #11675 (Work Completed-End life cycle): WEB - Credit Card: tested & passed Nurul Syahirah Md Nawi
14:15 1. CDB_Phase 2 & 3 Development Task #12053 (Work Completed-End life cycle): RFP 1.1.4 - Financing- Web development: tested & passed Nurul Syahirah Md Nawi
14:13 1. CDB_Phase 2 & 3 Development Bug #12183 (System Integration Test): Financing - Receipt not display Transfer Mode for Mobile: Nurul Syahirah Md Nawi
14:12 1. CDB_Phase 2 & 3 Development Bug #12385 (System Integration Test): IBG - "null" is displayed in Verifier Receipt when initiate...: Nurul Syahirah Md Nawi
14:12 1. CDB_Phase 2 & 3 Development Bug #12385: IBG - "null" is displayed in Verifier Receipt when initiate from Mobile: Tested & passed Nurul Syahirah Md Nawi
14:10 1. CDB_Phase 2 & 3 Development Bug #12812 (System Integration Test): Rentas_Android - Receipt Title is wrongly displayed for Fav...: Nurul Syahirah Md Nawi
14:10 1. CDB_Phase 2 & 3 Development Bug #12812: Rentas_Android - Receipt Title is wrongly displayed for Favourite Popup IBG to Rentas...: Tested & passed Nurul Syahirah Md Nawi
13:27 1. CDB_Phase 2 & 3 Development Bug #12385 (Internal Testing): IBG - "null" is displayed in Verifier Receipt when initiate from M...: Hi Syahira,
kindly refer to the link below for SIT apk.
https://drive.google.com/file/d/1M2M5pgrXcdubKV7MsJm4uJ... Rahmat Aina Nadia
13:25 1. CDB_Phase 2 & 3 Development Bug #12388: DuitNow - "null" is displayed in Verifier Receipt when initiate from Mobile: Hi Syahira,
kindly refer to the link below for the Android SIT apk.
https://drive.google.com/file/d/1M2M5pgrXc... Rahmat Aina Nadia
13:23 1. CDB_Phase 2 & 3 Development Bug #12812 (Internal Testing): Rentas_Android - Receipt Title is wrongly displayed for Favourite ...: Hi Syahira,
kindly refer to the link below for SIT apk.
https://drive.google.com/file/d/1M2M5pgrXcdubKV7MsJm4u... Rahmat Aina Nadia

March 22, 2022

16:32 1. CDB_Phase 2 & 3 Development Bug #12388 (Development / Work In Progress): DuitNow - "null" is displayed in Verifier Receipt wh...: Beneficiary ID type & Account Holder Name need android code to update request parameter.
Account Holder Name needs i... Nurul Hasnieza Bt Mohd Zamri
09:52 1. CDB_Phase 2 & 3 Development Bug #12183: Financing - Receipt not display Transfer Mode for Mobile: Tested & passed Nurul Syahirah Md Nawi
09:23 1. CDB_Phase 2 & 3 Development Bug #12812 (Development / Work In Progress): Rentas_Android - Receipt Title is wrongly displayed ...: Rahmat Aina Nadia

March 21, 2022

18:32 1. CDB_Phase 2 & 3 Development Bug #12385 (Development / Work In Progress): IBG - "null" is displayed in Verifier Receipt when i...: Done fix display Transfer Mode. Beneficiary ID type needs android code to update request parameter.
IOS already okay. Nurul Hasnieza Bt Mohd Zamri
18:09 1. CDB_Phase 2 & 3 Development Bug #12183 (Internal Testing): Financing - Receipt not display Transfer Mode for Mobile: SIT Restful deploy on 21/03/2022. Kindly retest. Nurul Hasnieza Bt Mohd Zamri
16:53 1. CDB_Phase 2 & 3 Development Bug #12812: Rentas_Android - Receipt Title is wrongly displayed for Favourite Popup IBG to Rentas...: After checking, the issue only found in android. Assign to Aina to check on android coding. Nurul Hasnieza Bt Mohd Zamri

March 18, 2022

12:30 BSN Corporate Digital Banking Task #12582 (System Integration Test): Pentest_CDB - OTP Does Not Expire [LOW]: Nurul Syahirah Md Nawi
11:37 BSN Corporate Digital Banking Task #12582: Pentest_CDB - OTP Does Not Expire [LOW]: Tested & passed:
1.Approver & Single User IOS – After OTP timeout, cannot login to Web
2.Approver & Single User A... Nurul Syahirah Md Nawi
10:51 BSN Corporate Digital Banking Task #12582 (Internal Testing): Pentest_CDB - OTP Does Not Expire [LOW]: Issue:
Mobile screen show OTP timeout is 1 minute but actual timeout at upass server is 5 minutes.
Finding:
The ... Najmi Pasarudin
09:32 BSN Corporate Digital Banking Task #12582: Pentest_CDB - OTP Does Not Expire [LOW]: Got update from Mr.Lee.
Working on updating the OTP parameter in Upass. Najmi Pasarudin
09:32 BSN Corporate Digital Banking Task #12581: Pentest_CDB - Usable Previously Requested OTP [LOW]: Got update from Mr.Lee.
Working on updating the OTP parameter in Upass. Najmi Pasarudin
09:31 BSN Corporate Digital Banking Task #12582 (Development / Work In Progress): Pentest_CDB - OTP Does Not Expire [LOW]: Najmi Pasarudin

March 17, 2022

11:34 1. CDB_Phase 2 & 3 Development Bug #12866 (Internal Testing): BSNeBiz Navigation - Set Zakat to offline: Issue:
System off the module at BSNeBiz Navigation but displays different offline message
Cause:
Because the mai... Lai Wen Hong

March 16, 2022

14:53 BSN Corporate Digital Banking Task #12581: Pentest_CDB - Usable Previously Requested OTP [LOW]: Based on Adit's feedback, the OTP library provided by Mr.Lee has 5 minutes buffer.
Currently unable to update due to... Najmi Pasarudin
14:51 BSN Corporate Digital Banking Task #12582 (System Integration Test): Pentest_CDB - OTP Does Not Expire [LOW]: Based on Adit's feedback, the OTP library provided by Mr.Lee has 5 minutes buffer.
Currently unable to update due to... Najmi Pasarudin
14:37 1. CDB_Phase 2 & 3 Development Bug #12382: Financing - Update mobile receipt to display same as web: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:37 1. CDB_Phase 2 & 3 Development Bug #12812: Rentas_Android - Receipt Title is wrongly displayed for Favourite Popup IBG to Rentas...: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:37 1. CDB_Phase 2 & 3 Development Bug #12388: DuitNow - "null" is displayed in Verifier Receipt when initiate from Mobile: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:37 1. CDB_Phase 2 & 3 Development Bug #12385: IBG - "null" is displayed in Verifier Receipt when initiate from Mobile: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:36 1. CDB_Phase 2 & 3 Development Bug #12381: DuitNow - Arrangement of Mobile details receipt should follow Web receipt: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:36 1. CDB_Phase 2 & 3 Development Bug #12183: Financing - Receipt not display Transfer Mode for Mobile: Hi Hasnieza, please help with this task. Najmi Pasarudin
14:25 1. CDB_Phase 2 & 3 Development Bug #12866 (Development / Work In Progress): BSNeBiz Navigation - Set Zakat to offline: Lai Wen Hong
14:18 1. CDB_Phase 2 & 3 Development Bug #12866 (Internal Testing): BSNeBiz Navigation - Set Zakat to offline: Test Scenario :
Set Zakat to offline and add offline message at BSNeBiz Navigation
Test Step :
1. Access to ... Nurul Athira Abdul Rahim
12:03 BSN Corporate Digital Banking Task #12583 (Pending Review): Pentest_CDB - No Client-Side Session Timeout [LOW]: Production deployed on 4/3/2022 Najmi Pasarudin
12:01 BSN Corporate Digital Banking Task #12593 (System Integration Test): Pentest_CDB - Arbitrary Host Header Accepted [INFO]: CF:Configuration between IBM HTTP Server(Web Server) and IBM WebSphere Application Server(App Server) are using hosts... Najmi Pasarudin
12:00 BSN Corporate Digital Banking Task #12592 (System Integration Test): Pentest_CDB - TLS/SSL Server Supports The Use of Static Ke...: CF:Listed TLS were used by IBM WAS Application and default supported TLS encrption under strong cipher suite groups s... Najmi Pasarudin
11:59 BSN Corporate Digital Banking Task #12590 (System Integration Test): Pentest_CDB - Diffie-Hellman Group Smaller Than 2048 Bits ...: CF:Listed TLS were used by IBM WAS Application and default supported TLS encrption under strong cipher suite groups s... Najmi Pasarudin
11:59 BSN Corporate Digital Banking Task #12589 (System Integration Test): Pentest_CDB - [POTENTIAL] TLS/SSL Timing Side-Channel Atta...: CF:Staging server are unable to perform OS /yum update due to limited license Najmi Pasarudin
11:58 BSN Corporate Digital Banking Task #12584 (System Integration Test): Pentest_CDB - Missing "Content-Security-Policy" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
11:58 BSN Corporate Digital Banking Task #12586 (System Integration Test): Pentest_CDB - Missing "X-Content-Type-Options" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
11:58 BSN Corporate Digital Banking Task #12587 (System Integration Test): Pentest_CDB - Missing "X-Frame-Options" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
11:58 BSN Corporate Digital Banking Task #12588 (System Integration Test): Pentest_CDB - Missing HTTP "Strict-Transport-Security" Hea...: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
11:57 BSN Corporate Digital Banking Task #12579 (System Integration Test): Pentest_CDB - Username Enumeration [LOW]: Not an issue.
CDB has 2 login page, with and without OTP, depending on user type.
Login with OTP:
SIngle user
... Najmi Pasarudin
11:53 BSN Corporate Digital Banking Task #12577 (System Integration Test): Pentest_CDB - Insecure Direct Object Reference (IDOR) [MED]: LGMS marked as solved Najmi Pasarudin
11:51 BSN Corporate Digital Banking Task #12576 (System Integration Test): Pentest_CDB - Using Components with Known Vulnerabilities ...: SIT updated on 16/3/2022
ckeditor removed
JasperReport upgraded to version 6.19.0
iText 2.1.7.js9 is JasperRep... Najmi Pasarudin
11:38 BSN Corporate Digital Banking Task #12574 (System Integration Test): Pentest_IBAM - Arbitrary Host Header Accepted [INFO]: CF:
Configuration between IBM HTTP Server(Web Server) and IBM WebSphere Application Server(App Server) are using hos... Najmi Pasarudin
11:33 BSN Corporate Digital Banking Task #12573 (System Integration Test): Pentest_IBAM - TLS/SSL Server Supports The Use of Static K...: LGMS solution not possible based on CF comment.
CF:
Listed TLS were used by IBM WAS Application and default suppo... Najmi Pasarudin
11:32 BSN Corporate Digital Banking Task #12571 (System Integration Test): Pentest_IBAM - Diffie-Hellman Group Smaller Than 2048 Bits...: LGMS solution not possible based on CF comment.
CF:
Listed TLS were used by IBM WAS Application and default suppo... Najmi Pasarudin
11:30 BSN Corporate Digital Banking Task #12570 (System Integration Test): Pentest_IBAM - [POTENTIAL] TLS/SSL Timing Side-Channel Att...: Unable to apply fix to staging server due to limited license. Najmi Pasarudin
11:29 BSN Corporate Digital Banking Task #12569 (Pending SIT Deployment): Pentest_IBAM - Reflected Cross-Site Scripting (XSS) [LOW]: Previous fix was wrong.
SIT deployed on 16/3/2022 Najmi Pasarudin
11:19 BSN Corporate Digital Banking Task #12568 (System Integration Test): Pentest_IBAM - Insecure Direct Object Reference (IDOR) [LOW]: Previous fix was wrong.
SIT deployed on 16/3/2022 Najmi Pasarudin
10:26 BSN Corporate Digital Banking Task #12564 (Pending Review): Pentest_IBAM - Multiple Concurrent Session Allowed [LOW]: Production is already set as single sign-on.
UAT updated sso on 16/3/2022 Najmi Pasarudin
10:25 BSN Corporate Digital Banking Task #12560 (Pending Review): Pentest_IBAM - Missing "Content-Security-Policy" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
10:25 BSN Corporate Digital Banking Task #12562 (Pending Review): Pentest_IBAM - Missing "X-Frame-Options" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
10:25 BSN Corporate Digital Banking Task #12561 (Pending Review): Pentest_IBAM - Missing "X-Content-Type-Options" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
10:24 BSN Corporate Digital Banking Task #12563 (Pending Review): Pentest_IBAM - Missing HTTP "Strict-Transport-Security" Header [LOW]: LGMS team tested in application url instead of web url.
Fixes already applied to staging and production web server. Najmi Pasarudin
10:23 BSN Corporate Digital Banking Task #12559 (System Integration Test): Pentest_IBAM - Username Enumeration [LOW]: Previous fix is wrong.
SIT/UAT deployed on 16/3/2022 Najmi Pasarudin
10:22 BSN Corporate Digital Banking Task #12557 (Pending Review): Pentest_IBAM - TLS Cookie Without Secure Flag Set [MED]: The LGMS solution cannot apply to Staging application server.
In production the issue is handled by web server. Najmi Pasarudin
10:19 BSN Corporate Digital Banking Task #12566 (Pending Review): Pentest_IBAM - No Client-Side Session Timeout [LOW]: Production deployed on 4/3/2022 Najmi Pasarudin
10:18 BSN Corporate Digital Banking Task #12558 (Pending Review): Pentest_IBAM - Using Components with Known Vulnerabilities [MED]: Production deployed on 4/3/2022 Najmi Pasarudin
10:17 BSN Corporate Digital Banking Task #12555 (Pending Review): Pentest_IBAM - SQL Injection [HIGH]: Production deployed on 4/3/2022 Najmi Pasarudin

March 14, 2022

12:54 BSN Corporate Digital Banking Task #12593 (Development / Work In Progress): Pentest_CDB - Arbitrary Host Header Accepted [INFO]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:54 BSN Corporate Digital Banking Task #12592 (Development / Work In Progress): Pentest_CDB - TLS/SSL Server Supports The Use of St...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:54 BSN Corporate Digital Banking Task #12590 (Development / Work In Progress): Pentest_CDB - Diffie-Hellman Group Smaller Than 204...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:54 BSN Corporate Digital Banking Task #12589 (Development / Work In Progress): Pentest_CDB - [POTENTIAL] TLS/SSL Timing Side-Chann...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:54 BSN Corporate Digital Banking Task #12588 (Development / Work In Progress): Pentest_CDB - Missing HTTP "Strict-Transport-Securi...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:53 BSN Corporate Digital Banking Task #12587 (Development / Work In Progress): Pentest_CDB - Missing "X-Frame-Options" Header [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:53 BSN Corporate Digital Banking Task #12586 (Development / Work In Progress): Pentest_CDB - Missing "X-Content-Type-Options" Head...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:53 BSN Corporate Digital Banking Task #12584 (Development / Work In Progress): Pentest_CDB - Missing "Content-Security-Policy" Hea...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:53 BSN Corporate Digital Banking Task #12582 (Development / Work In Progress): Pentest_CDB - OTP Does Not Expire [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:52 BSN Corporate Digital Banking Task #12581 (Development / Work In Progress): Pentest_CDB - Usable Previously Requested OTP [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:52 BSN Corporate Digital Banking Task #12580 (Development / Work In Progress): Pentest_CDB - [POTENTIAL] Malicious File Upload [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:52 BSN Corporate Digital Banking Task #12579 (Development / Work In Progress): Pentest_CDB - Username Enumeration [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:50 BSN Corporate Digital Banking Task #12578 (Development / Work In Progress): Pentest_CDB - TLS Cookie Without Secure Flag Set [MED]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:49 BSN Corporate Digital Banking Task #12577 (Development / Work In Progress): Pentest_CDB - Insecure Direct Object Reference (IDO...: 'Solved
bootstrap 4.1.1
Not Solved
ckeditor 4.16.0
iText 2.1.7
JasperReports 6.6.0
Kindly review the fixe... Nurul Athira Abdul Rahim
12:48 BSN Corporate Digital Banking Task #12575: Pentest_IBAM - HTTP TRACE Method Enabled[INFO]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:48 BSN Corporate Digital Banking Task #12574 (Development / Work In Progress): Pentest_IBAM - Arbitrary Host Header Accepted [INFO]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:47 BSN Corporate Digital Banking Task #12573 (Development / Work In Progress): Pentest_IBAM - TLS/SSL Server Supports The Use of S...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:47 BSN Corporate Digital Banking Task #12571 (Development / Work In Progress): Pentest_IBAM - Diffie-Hellman Group Smaller Than 20...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:47 BSN Corporate Digital Banking Task #12570 (Development / Work In Progress): Pentest_IBAM - [POTENTIAL] TLS/SSL Timing Side-Chan...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:46 BSN Corporate Digital Banking Task #12569 (Development / Work In Progress): Pentest_IBAM - Reflected Cross-Site Scripting (XSS)...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:46 BSN Corporate Digital Banking Task #12568 (Development / Work In Progress): Pentest_IBAM - Insecure Direct Object Reference (ID...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:44 BSN Corporate Digital Banking Task #12564 (Development / Work In Progress): Pentest_IBAM - Multiple Concurrent Session Allowed ...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:44 BSN Corporate Digital Banking Task #12563 (Development / Work In Progress): Pentest_IBAM - Missing HTTP "Strict-Transport-Secur...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:43 BSN Corporate Digital Banking Task #12561 (Development / Work In Progress): Pentest_IBAM - Missing "X-Content-Type-Options" Hea...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:43 BSN Corporate Digital Banking Task #12562 (Development / Work In Progress): Pentest_IBAM - Missing "X-Frame-Options" Header [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:42 BSN Corporate Digital Banking Task #12560 (Development / Work In Progress): Pentest_IBAM - Missing "Content-Security-Policy" He...: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:42 BSN Corporate Digital Banking Task #12559 (Development / Work In Progress): Pentest_IBAM - Username Enumeration [LOW]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim
12:41 BSN Corporate Digital Banking Task #12557 (Internal Testing): Pentest_IBAM - TLS Cookie Without Secure Flag Set [MED]: Kindly review the fixes, as the new pentest (March,9,20202) result status stated "not solved". Nurul Athira Abdul Rahim

March 10, 2022

01:00 1. CDB_Phase 2 & 3 Development Bug #12854 (Internal Testing): Service Info - Set Zakat to offline: Hi Athira,
I will tell Najmi to help deploying and after that the testing can go on.
Thank you.
--
Issue:
... Lai Wen Hong
15:49 1. CDB_Phase 2 & 3 Development Bug #12854 (Development / Work In Progress): Service Info - Set Zakat to offline: Lai Wen Hong
15:32 1. CDB_Phase 2 & 3 Development Bug #12854 (Internal Testing): Service Info - Set Zakat to offline: Test Scenario :
Set Zakat tto offline and add offline message.
Test Step :
1. Access to Service Info > zaka... Nurul Athira Abdul Rahim
15:29 1. CDB_Phase 2 & 3 Development Task #12732 (Work Completed-End life cycle): ZAKAT - Test Script: https://hub.penril.net/share/page/site/bsn/document-details?nodeRef=workspace://SpacesStore/f2f91580-a165-4896-90ec-9... Nurul Athira Abdul Rahim

« Previous

Also available in: Atom