Symptom:
The token used for Cross-Site Request Forgery and the Session ID for login session were the same and therefore, administrator login session was not very secure.
Solution:
This issue has now been resolved. To secure the administrator login session, the two tokens are not the same anymore.
Symptom:
The login page of the Administration Console was vulnerable to cross frame scripting.
Solution:
This issue has now been resolved.
|
Copyright © 2013 CA.
All rights reserved.
|
|