ict:responsible-disclosure [2020/09/08 20:46] - [Security Vulnerabilities] jonathan | ict:responsible-disclosure [2020/09/09 08:39] (current) - [Configuration Issues] jonathan |
---|
| |
===== Configuration Issues ===== | ===== Configuration Issues ===== |
| * **[[https://www.linkedin.com/in/mohammed-abdul-kareem4855/|Mohammed Abdul Kareem]]** alerted us to a missing ''X-Content-Type-Options'' header on //September 2, 2020//. |
* **[[https://www.linkedin.com/in/dhanumaalaian-r-b34338189/|Dhanumaalaian R]]** alerted us to some missing CAA records on //September 2, 2020//. | * **[[https://www.linkedin.com/in/dhanumaalaian-r-b34338189/|Dhanumaalaian R]]** alerted us to some missing CAA records on //September 2, 2020//. |
* **[[https://www.linkedin.com/in/HemantSolo/|Hemant Patidar]]** suggested that changing the e-mail associated with your account could be done a little safer on //August 30, 2020//. | * **[[https://www.linkedin.com/in/HemantSolo/|Hemant Patidar]]** suggested that changing the e-mail associated with your account could be done a little safer on //August 30, 2020//. |
* **[[https://www.linkedin.com/in/rohan-chaudhari-53aa51174|BABABOUNTY]]** alerted us to some missing HSTS headers on //August 28, 2020//. | * **[[https://www.linkedin.com/in/rohan-chaudhari-53aa51174|BABABOUNTY]]** alerted us to some missing HSTS headers on //August 28, 2020//. |
| * **[[https://twitter.com/Adityarana1234?s=09|Aditya Rana]]** alerted us to some missing CSP headers on //August 28, 2020//. |
* **[[https://www.linkedin.com/in/shubham-panchal-636744161/|Shubham Panchal]]** alerted us to some missing HSTS headers on //August 27, 2020//. | * **[[https://www.linkedin.com/in/shubham-panchal-636744161/|Shubham Panchal]]** alerted us to some missing HSTS headers on //August 27, 2020//. |
* **[[https://www.linkedin.com/in/r0x4r/|Eshan Singh]]** alerted us to some missing rate limiting precautions on authentication endpoints on //August 20, 2020//. | * **[[https://www.linkedin.com/in/r0x4r/|Eshan Singh]]** alerted us to some missing rate limiting precautions on authentication endpoints on //August 20, 2020//. |