Cross-Site Request Forgery Vulnerabilities OWASP
Cross-Site Request Forgery (CSRF) is one of the top 10 security vulnerabilities with high risk. It allows a hacker to perform an action on the vulnerable site on behalf of the victim (user). If the site does not validate the original request properly, then the attack is possible. Attacker forges the […]
Tag: security vulnerabilities
Sensitive Parameters are Susceptible to Brute force Attacks OWASP
Sensitive parameters such as username, password, server IP, etc. can be guessed by an attacker who tries a large number of combinations. Those parameters are susceptible to brute force attack, which is one of the OWASP vulnerabilities with medium risk. We should avoid the attacker guessing […]
Apache Tomcat Server Information Disclosure by Verbose OWASP
By default, Apache Tomcat server information is exposed, which leads to security issues. It's one of the OWASP vulnerabilities with low risk. Apache Tomcat server information is disclosed in two places, the response header and the error screen, in the lower version. In the higher version of the tomcat […]
Information Disclosure by Test, Old and Backup Files OWASP
Information is disclosed by test, old and backup files that are not required for the application. This is one of the security vulnerabilities with info risk. We need to remove the unwanted test files, old files and backup files. Backup files and test files keep outside fo […]
How to encrypt Apache Tomcat Server Admin’s Password
Apache Tomcat Server is the most popular open source web server with a servlet container. It's a lightweight web server and does not require much space on the system. Apache Tomcat server has a lot of security vulnerabilities, and we need to fix those to make a secure web server. OWASP lists critical security vulnerabilities […]
How to Disable Apache Tomcat Server version
By default, the Apache Tomcat server version is exposed, which leads to security issues. There are three approaches to hide the Apache Tomcat server version, of which the easiest is adding one of the attributes in server.xml. In this article, we are working on Apache Tomcat 6.0.0. Tomcat Information in Response […]
After upgrading struts2 to latest version s:submit not working
Due to security vulnerabilities, struts2 needs to be upgraded to the latest versions that are free of those vulnerabilities (2.3.32 or 2.5.10.1). After upgrading, the s:submit action button will not work because it is disabled by default due to security vulnerabilities. Example: <s:submit align="center" action='Login_loginUser' value="Login"/> To make it work, we need […]