Details
- Incident report
- Resolution: Fixed
- Trivial
- 2.2.20, 3.0.13, 3.2.10, 3.4.4, 4.0.0alpha1
- None
- Team A
Description
Multiple security issues in frontend:
- Inclusive Phishing through URL Redirection
- Database Error Pattern / Application Error reveals Internal Server Paths
- Requests vulnerable to Cross-Site Request Forgery
- UI Redress Attack (Clickjacking)
- Content sniffing not disabled
- Strict Transport Security is not enforced
- Browser cross-site scripting filter misconfiguration
Issue Links
- is duplicated by ZBX-10272 URL Redirect (Closed)