-
Type: Bug
-
Status: Open
-
Priority: High
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:
-
Environment:Production
-
Bug Severity:Low
-
Module:BenAdmin - Security
-
Reported by:Harbinger
[Security Test]
{Critical Information Disclosure} Table Name and Column Names get displayed in proxy tools.
Test Environment : Production: VM-208..
Tool used:
Tamper Data - Mozilla Browser plugin
1. Login as Admin
2. Go to Add Employee
3. Enter required fields in Add New employee page
4. Go to Tamper Data
5. Click on Start Tamper
6. Go to Add Employee Page and click on Save button.
7. Check for the Tamper Data POST form parameters.
For more details check attached Screenshot.
This issue is observed throughout the application.