You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

ASVS-12.2.1: uploading malware to fusion

in Recruiting, Opportunity Marketplace 2 comments

Summary:

ASVS-12.2.1: Verify that files obtained from untrusted sources are validated to be of expected type based on the file's content. The consultant uploaded an EICAR.COM file while setting "Content-Type" to image/png. Application attempted to display a preview of the file, even though it does not contain an image, indicating that the contents were not validated.

Content (please ensure you mask any confidential information):


Version (include the version you are using, if applicable):



Code Snippet (add any code snippets that support your topic, if applicable):

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!