...
Referenced PR ID | Description |
---|---|
INST-###___7486 | Security: Microsoft ASP.NET MS-DOS Device Name possible DoS attack vector (Port 80 & 443) |
INST-12117 | Security: Session Token in URL, found during penetration test |
INST-12118 | Security: Session cookie not set with the Secure flag |
INST-13223 | Security: Implement reCAPTCHA to protect against Email Spamming |
INST-13400 | Security: Adding users through spreadsheet allows them login without password change |
INST-13523 | Security: Path-relative stylesheet import (PRSSI) vulnerability |
INST-13534 | Security: HTML5 Local storage is enabled |
INST-13637 | Security: HTTP header information disclosure. |
INST-13638 | Security: Confirmation email not sent on user password change |
INST-13639 | Security: Sensitive data is cached locally |
INST-13640 | Security: Cookie missing HTTPOnly flag |
INST-13641 | Security: Host header injection vulnerability |
INST-13642 | Security: Email bombing is possible with InSite |
INST-13645 | Security: Passwords are emailed in plain text |
INST-10841 | HTML5 Smart Review : Compare view display revisions incorrectly in full screen mode. |
INST-12907 | Preview - Approve All button is greyed out when redeeming Secure Link for selected pages |
INST-13258 | Managed Services: The IPP installer and/or ICU should change all Application Pools to AlwaysRunning from OnDemand |
INST-13578 | Pressproof - Better memory performance |
INST-13590 | PressProof - Surface renders when not supposed to, but doesn't rewrite surface PNG file |
INST-13673 | Page selection acts odd when sorted by Position -- for job with multi page set |
INST-13689 | 500 internal server error when open administration page after satellite join to enterprise. |