Recent Articles
XSS Protection Filter Configuration
Objective: To mitigate Cross-Site Scripting (XSS) risks by implementing a custom XSS protection filter and security headers. 1. Copying the Class File: Place the appropriate class file in <AE_Application>/aeui/WEB-INF/classes. Available Class Files: For ...
Internal IP Disclosure
Objective: To assess and manage the exposure of internal (RFC 1918) IP addresses within the application. Description: Internal (RFC 1918) IP addresses are exposed in the application. Ideally, such private IPs should not be publicly visible. Reason: The ...
Using Components (Bootstrap, .Net, etc.) with Known Vulnerabilities
Objective: To eliminate security risks arising from outdated third-party components. Issue: The application is using an outdated version of Bootstrap, which contains known security vulnerabilities. Impact: Exposure to known exploits; increased risk of ...
Malicious File Upload Risk
Objective: To mitigate the risk of unauthorized or harmful file uploads to the server. Issue: Malicious actors can upload harmful files to the server, which may lead to security vulnerabilities or system compromise. Impact: Execution of malicious code ...
Salted Hashing Issue – Configuration (7.7.4)
Objective: To prevent password replay attacks by restricting reuse of encrypted credentials within a defined time window. Issue: Encrypted passwords can be reused, leading to a potential password replay attack. Affected Module: AppSec. Location: ...