Halborn July 2022 - WebApp Pentest
Tokemak_WebApp_Pentest_Report_Halborn_Final-2.pdf
1MB
PDF
Individual auditors personal emails have been redacted in the above pdf (pdf also embedded below summary)
Summary:
(HAL-01) MISSING SUBRESOURCE INTEGRITY MECHANISM IN RELATION TO THE THIRD PARTY SCRIPTS USED
(HAL-02) NON-PRODUCTION ENVIRONMENTS ACCESSIBLE FROM THE INTERNET
(HAL-03) SERVER-SIDE REQUEST FORGERY VIA CLOUDFLARE SERVICE
(HAL-04) PASSWORDS SHARED BETWEEN ENVIRONMENTS
(HAL-05) USING PACKAGES WITH KNOWN VULNERABILITIES
PDF Embed:
Copy link