-
Type: Bug
-
Status: Closed
-
Priority: High
-
Resolution: Bug Fixed
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: UI Refresh
-
Labels:None
-
Environment:Pre Production
-
Bug Type:Functional
-
Bug Severity:Medium
-
Level:Employee
-
Module:BenAdmin - Security
-
Reported by:Harbinger
-
Company:All Clients/Multiple Clients
-
Item State:Stage QA - Production Deployment on Hold
-
Issue Importance:Q2
-
Code Reviewed By:Vijayendra Shinde
All Company- Employee Login - URL parameters - Security - URL parameter values in all the SSM pages,reports are displayed in plain text.
As observed all the URL parameter values are displayed in plain english text and can be vulnerable for security breach.
This can be generic issue and may exist for Admin,Partners,SA user roles too.
CC : Vijayendra ShindeSachin HingoleRakesh RoyHrishikesh DeshpandeRohan J KhandaveSamir
- relates to
-
NF-2714 Vulnerability Assessment and Penetration Testing for Workterra on Azure US environment.
- To Do