Seeker Research Center Security Advisory
By Irene Abezgauz
===
I. Overview
===
An Insecure Redirect vulnerability has been identified in the .NET Form
Authentication - in the Redirect From Login mechanism. This
vulnerability allows an attacker to craft links that contain
Seeker Research Center Security Advisory
This vulnerability was discovered by SeekerĀ® Automatic Run-Time Application
Security Testing Solution
Disclosed By Irene Abezgauz, September 13th, 2011
=
I. Overview
=
A Cross Site Scripting vulnerability has been identified
Multiple CA products and 3rd party products utilizing the CleverPath
Portal.
Solution
CA Has been notified of this vulnerability on Januarty 18th, and is
releasing a patch together with the publication of the vulnerability.
---
Irene Abezgauz
Senior Consultant
.
---
Irene Abezgauz
Application Security Consultant
Hacktics Ltd.
Mobile: +972-54-6545405
Web: http://www.hacktics.com