Risk Summary
The overall application security risk rating was calculated as: Medium
The result is based on the following statistics:
Total number of findings: 11
- High findings: 3
- Medium findings: 5
- Low findings: 3
As a first step, we have decided to address all the high priority issues in Stadium 4.
- Cross-site scripting
'The Stadium3 application was vulnerable to a persistent cross-site scripting (XSS) attack. Example: When adding a new item to the tree view, it was possible to inject JavaScript in a node. Since no input validation or output encoding was performed on this user input, the injected JavaScript was reflected back and executed by the victim's browser.'
Business Impact
A successful attack could allow an attacker to gain access to the environment as another user. This could lead to authorisation of malicious transactions.
Changes made
All controls that had a cross-site scripting vulnerability have been changed so that any text they output on the page is HTML encoded to prevent script injection.
This means that HTML injection is no longer possible. This may be a problem if existing implementations currently rely on HTML injection in their applications.
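As an added illustration of the output-encoding fix described above (example code written for this post, not Stadium's own implementation), the snippet below renders a tree-view node label first the way the vulnerable version did and then with HTML encoding applied; the node markup and sample labels are constructed for the demonstration.

```javascript
// Added example: HTML-encode user-supplied text before writing it into the page.
// This is the hardened behaviour described above, not Stadium's actual code.

// Every character that carries meaning in HTML text or attribute values.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode for an HTML text or quoted-attribute context. A label placed inside a
// <script> block or a URL would need a different, context-specific encoding.
function htmlEncode(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable rendering: the label is concatenated into markup untouched, so any
// tags in the label become part of the page (the Stadium3 behaviour).
function renderTreeNodeUnsafe(label) {
  return `<li class="tree-node">${label}</li>`;
}

// Hardened rendering: the label is encoded, so the browser displays it as text.
function renderTreeNodeSafe(label) {
  return `<li class="tree-node">${htmlEncode(label)}</li>`;
}

// Demonstration check: does anything other than our own <li> wrapper introduce
// a tag into the rendered output?
function containsInjectedMarkup(html) {
  const body = html
    .replace(/^<li class="tree-node">/, "")
    .replace(/<\/li>$/, "");
  return /<[a-z!\/]/i.test(body);
}

// Constructed sample labels: one benign, one carrying a script tag.
const SAMPLE_LABELS = ["Quarterly report & figures", "<script>alert('xss')</script>"];

for (const label of SAMPLE_LABELS) {
  console.log("unsafe:", renderTreeNodeUnsafe(label));
  console.log("safe:  ", renderTreeNodeSafe(label));
}
```

The encoded node shows the literal text of the label, so a label that used to inject markup is now harmless, which is also why existing applications that relied on injecting HTML through node text will see it rendered as plain text instead.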
- Application does not use encryption
Business Impact
Since the application information is transmitted in clear text over an unencrypted connection, an attacker may intercept and view sensitive information such as login details.
Changes made
No code changes were made. The fix for this is to use an SSL certificate on the web server.
- Clear text submission of password
Business Impact
Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network.
Changes made
No code changes were made. The fix for this is to use an SSL certificate on the web server. Further explanation can be found at:
http://www.w3.org/2001/tag/doc/passwordsInTheClear-52