It labelled the later flaw as a low risk issue that affected mostly older versions of the Firefox and Chrome web browser. CSRF is an attack that occurs when a malicious web site or program for example could cause a web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. It also said there was a Cross-Site Request Forgery (CSRF) risk. Pen Test Partners said that the flaws include a cross-site scripting flaw and a risky procedure when changing a password. The discovery was made by penetrating testing and security specialist Pen Test Partners, and concerns BT’s Wi-Fi Extender 300 Kit (Booster) unit running firmware V1.1.5. BT is urging its customers to patch the firmware of its Wi-Fi extender unit after the discovery of security issues with the device.
0 Comments
Leave a Reply. |