new technique to reply testers by program admin :D lol lol #copy - TopicsExpress

new technique to reply testers by program admin :D lol lol #copy #paste #markall #sendall #hackerone Hi there, We received a few hundred reports and most of them were not applicable for our vulnerability program. I am summarizing the most common reported issues (some of them were sent more than 30 times). -Brute force on out login/forgot password page: We have a non aggressive policy there and we do allow multiple failed logins. If you try too many times , you will be blocked. -Session issues. We do allow multiple sessions opened across multiple browsers. We do not invalidate immediately after a password reset, but it expires automatically a bit after. -User enumeration: Same as the brute force. -Password policy: Yes, we do accept small passwords or the user to reuse them. -Our CSRF tokens are checked only on critical pieces that can affect the user/account state. On our search or scan page, we do not use them. It is ok. -SPF: It is known and we need to keep it like that for now. -Trace method: Yes, it is enabled on some servers. If you can show a POC on how it can be misused to compromise our servers, we will re-look at it. -Missing security headers. We do not consider them a vulnerability. They are hardening/security options and our critical servers have them enabled. Thanks for sending the report :) We appreciate the testing!

Papa Francisco: No Templo se adora o Senhor Durante a homilia

Africa is amazing continent, the womb of all man & woman kind, and

September 7, 2014 A Dislocated Nigeria Military… Nkrumah

Grey Ford Fiesta XR4 with racing stripes 2litre Only 82k km

Ishigaki Advanced Ultrawhite L Glutathione 60 caps (Japan

Top ten signs your breath is bad... 1. Someone tells you...not to

Please LIKE and Share with your mafia frends Zynga Bonus for

The Zambian Ambassador to the United States, Palan Mulonda and the

MULTINATIONAL COMPANIES NOW OWN ALL BUT FOUR OF QUEENSLANDS SUGAR

Jonathan’s Ph.D Versus Buhari’s “semi-illiteracy”

plebes hoy nos vemos en los hot dogs los nichis ya saben que

I hope that you finally understand, that I will love you untill

Is existence also relative? The physical presence of Elvis Presley

Why all my loosin sleep over you real livin precious moments with

Okay, this was a super big deal for me. This is a very high

Buat yg hobi bola,buat yang hobi koleksi jersey, ready

There are eight previously unreleased tracks on Schneeweiß IV

CEGAH KOLESTEROL NAIK SETELAH LEBARAN Lebaran artinya merayakan

These are 25 hilarious football facts... Must read... 1)In 1998

Theres a lot going through my head lately on living a healthy

They say a funeral should be a celebration of life. I went to my

Things I have learned in my 40th year of life: A house is made of

These arent my words, but they are my thoughts. I See You by

Happy birthday to you,happy birthday to you,happy birthday to

There are basically 7 TYPES OF GIRLS... 1. HARD DISK