DevTest 10.2 Vulnerabilities - HTTP Strict Transport, Leak Sensitive Info, Clickjacking

book

Article ID: 103094

calendar_today

Updated On:

Products

CA Application Test Service Virtualization CA Continuous Application Insight (PathFinder) CA Service Virtualization (DevTest / LISA / VSE / Application Test)

Issue/Introduction

Vulnerabilities Reported:
Application Does Not Use HTTP Strict Transport Security
Error Messages Leak Sensitive Implementation Details to User
Response Header Leaks Sensitive Server Information
Web Application Is Vulnerable to Clickjacking

Environment

DevTest 10.2.4

Resolution

Open a new support case and refer to defect DE352026.