#21 File hosting

Отворено

отворено пре 5 година од sindre · 0 коментара

Although not an OWASP v4 code, File Hosting is a major part of modern intelligent threat actors. If your server hosts files instead of just letting users download them they can be used as part of spear-phishing attacks or as part of reconnaissance. This webpage should default to always downloading a file, even if accessed directly, or alternatively, deny access if a file is access directly.

sindre added this to the Optional vulnerabilities milestone пре 5 година

sindre added the

webpy

label пре 5 година

sindre added the

bug

label пре 5 година

sindre added the

security misconfiguration

label пре 5 година

sindre modified the milestone from Optional vulnerabilities to Required fixes пре 5 година

sindre modified the milestone from Required fixes to Optional vulnerabilities пре 5 година

Пријавите се да се прикључе у овом разговору.

bug

security misconfiguration

webpy

Optional vulnerabilities

No Assignees

1 учесника

Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.