Open kennkong opened 10 years ago
karlkec has identified the http-identify header as a source of vulnerability. I have identified a similar weakness in the display pages. Some hardening, especially as regards SQL injection, needs to be done.
I have opened a security branch to deal with these issues. My first objective is to protect the configuration pages from unauthorized access.
karlkec has identified the http-identify header as a source of vulnerability. I have identified a similar weakness in the display pages. Some hardening, especially as regards SQL injection, needs to be done.