Question

1
Replies
29
Views
PonnurangamN2827 Member since 2019 43 posts
Vodafone
Posted: 1 year ago
Last activity: 1 year 3 months ago
Closed

Security issues-Autocomplete enabled during Pen Test

Hi,

Our application had undergone pen testing and testing team reported below issue,

Autocomplete had enabled in sensitive form field

Password
lockScreenPassword
newPassword
confirmNewPassword

I have made the changes recommended in post https://community1.pega.com/community/product-support/question/security-issues-after-pen-test-password-field-autocomplete

This fix did not solve this issue.

security team is saying that password fields still do no use AUTOCOMPLETE=OFF settings. The password fields still do no use AUTOCOMPLETE=OFF settings.

PFA, request and response , security team is using for testing. Please recommend to mitigate this issue.

Earlier response is much appreciated.

Security
Moderation Team has archived post
Share this page LinkedIn