AOH :: HP Unsorted R :: BX2415.HTM

RSA Web ID (XSS)



Security Advisory on RSA Web ID (XSS)
Security Advisory on RSA Web ID (XSS)




The following security report has been sent to RSA/EMC on the 2/10/2007 and confirmed by them. RSA took action to alert their customers.

-----------------------------------------



*Description*
The WebID authentication framework suffers from a flow allowing to steal an authenticated users's session if he is enticed into clicking a malicous link.

TEST URL :

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.