Plugins and extensions: the Achilles heel of popular CMSs
A by-product of High-Tech Bridge’s ImmuniWeb® web application penetration test SaaS is the frequent discovery of vulnerabilities in popular web applications and CMSs. High-Tech Bridge’s disclosure policy is immediately to notify the vendor, but to allow three weeks for the vulnerability to be fixed before going public with the details (vendors also may ask to extend the disclosure time). During this period a brief announcement of the vulnerability without any exploitable details is posted on High-Tech Bridge’s Research page.
- NIC CORNS
- InfoSecurity
- Posted On