Hi,
There is an issue flagged by a customer. “Users can upload any file type by bypassing the Attachment Control. This issue has been flagged by our Information Security Team.”
Page 1 / 1
Can you clarify what it means by “bypassing the attachment control”? The control itself does have properties to specify what file types are allowed, I’m assuming there was a way to get around whatever file types were configured there?
Hi, the user is able to bypass the custom two-factor authentication mechanism by intercepting the request and manipulating the data to redirect to the main page.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.