Home
Exported

TOLOGIX - ISLG Maintenance

Project dealing with all ongoing maintenance of the current ISLG application (www.investorstatelawguide.com and dev.investorstatelawguide.com).
Laura Mindorff, COO at IndustrialHarsh Parikh, Tech Lead at DevITMelissa Cowell, General Manager at IndustrialJeff Horne, CEO at IndustrialMonica Martinez, MonolabMarysia RaptisPaul MoonIrit WeinfeldNafiseh Arghandehpour, Legal Content Manager at ISLGKetan Sondarva, Technical Project Manager at DevITMartin Laporte, CTO at TologixSharmila Srikanth, Quality Assurance Engineer at TologixKishan Badri, Strategic Account Manager at TologixSéverine Beaudet, Senior Legal Content Manager at TologixGary López Vélez, Junior Legal Content Manager at Tologix +4 others
From the list: Security - Development

High (Medium) Remote OS Command Injection

Ryan K. added this on
Completed by Morgan M.
Assigned to
Harsh Parikh, Tech Lead at DevIT Harsh P.

Comments & Events

Ryan Knuth, Customer Support Manager at Industrial Ryan Knuth, Customer Support Manager
Attack technique used for unauthorized execution of operating system commands. This attack is possible when an application accepts untrusted input to build operating system commands in an insecure manner involving improper data sanitization, and/or improper calling of external programs.

See Alert #3 in ZAP Scanning Report.
No one was notified
Morgan Maguire, CEO
Morgan Maguire completed this to-do.