Follow

Governikus Autent SDK, welche man zum Verwenden von verwenden kann, hatte Fehler.
Dadurch konnte man sich als jede mögliche Person ausgeben.

"The vulnerability abuses the fact that HTTP allows multiple parameters having the same name."

Patched version: 3.8.1.2

Quelle:
sec-consult.com/en/blog/2018/1

Sign in to participate in the conversation
chaos.social

chaos.social - because anarchy is much more fun with friends.
chaos.social is a small Mastodon instance for and by the Chaos community surrounding the Chaos Computer Club. We provide a small community space - Be excellent to each other, and have a look at what that means around here.
Follow @ordnung for low-traffic instance-related updates.
The primary instance languages are German and English.