[Samsung Fire & Marine] Action is needed to prevent logins from sessions logged in from other IPs

hangsub
hangsub Registered Posts: 2
edited January 16 in Product Ideas

If a session logged in from an IP address called A is tampered with by a user logged in from an IP address called B through the developer tool in IE Edge, the user information will be changed.

This needs to be improved as it risks allowing regular users to escalate their privileges to administrator status and manipulate important administrator settings.

Financial institutions in Korea are urged to take swift action against these vulnerabilities, as they will not be able to use the applications unless measures are taken.

Tagged:
1
1 votes

New · Last Updated

Comments

Setup Info
    Tags
      Help me…