Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Ponnurangam Nagaraj (PonnurangamN2827)
Vodafone

Vodafone
IN
PonnurangamN2827 Member since 2019 43 posts
Vodafone
Posted: Jul 19, 2019
Last activity: Jul 19, 2019
Posted: 19 Jul 2019 15:28 EDT
Last activity: 19 Jul 2019 16:01 EDT
Closed

Security issues-Autocomplete enabled during Pen Test

Hi,

Our application had undergone pen testing and testing team reported below issue,

Autocomplete had enabled in sensitive form field

Password
lockScreenPassword
newPassword
confirmNewPassword

I have made the changes recommended in post https://community1.pega.com/community/product-support/question/security-issues-after-pen-test-password-field-autocomplete

This fix did not solve this issue.

security team is saying that password fields still do no use AUTOCOMPLETE=OFF settings. The password fields still do no use AUTOCOMPLETE=OFF settings.

PFA, request and response , security team is using for testing. Please recommend to mitigate this issue.

Earlier response is much appreciated.

To see attachments, please log in.
Security

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice