#21 File hosting

Отворени

отворен преди 5 години от sindre · 0 коментара

Although not an OWASP v4 code, File Hosting is a major part of modern intelligent threat actors. If your server hosts files instead of just letting users download them they can be used as part of spear-phishing attacks or as part of reconnaissance. This webpage should default to always downloading a file, even if accessed directly, or alternatively, deny access if a file is access directly.

sindre added this to the Optional vulnerabilities milestone преди 5 години

sindre added the

webpy

label преди 5 години

sindre added the

bug

label преди 5 години

sindre added the

security misconfiguration

label преди 5 години

sindre modified the milestone from Optional vulnerabilities to Required fixes преди 5 години

sindre modified the milestone from Required fixes to Optional vulnerabilities преди 5 години

Впишете се за да се присъедините към разговора.

bug

security misconfiguration

webpy

Optional vulnerabilities

No Assignees

1 участника

Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.