Security Research

Friday, 6 July 2012by Jan Fry

Cross-site scripting found within AEP Netilla SSL VPN 2200

An authenticated Cross-Site Scripting (XSS) vulnerability was discovered in AEP Netilla SSL VPN 2200's server-side script at '/webapp/webadmin/app- ....

Tuesday, 3 July 2012by Richard Brain

SiteCore XSS and Broken Access Control

Sitecore CMS versions 6.2.0 and 6.0.0 are susceptible to reflective XSS attacks that can be triggered by authenticated users via multiple server-si ....

Monday, 2 July 2012by Richard Brain

Research Paper: SiteCore Security Research

Explore comprehensive security assessments of SiteCore CMS revealing critical vulnerabilities in default settings. This paper by ProCheckUp delves ....