secDevLabs
Games irados (fix)
This solution refers to which of the apps?
A9 - Games Irados
What did you do to mitigate the vulnerability?
The app presented a log without objectivity, with shallow information when informing about coupons or when logging in. To change this situation, more detailed information was added, such as who made the request and what happened, so it will be clearer to discover possible attacks, based on the log description.
Note: The “id do usuário” field was used because the user name would be sensitive information exposed in the log. The information that is covered is the device's IP.
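
An added example (not code from this pull request or from secDevLabs) of the kind of log entry described above: each event records the user id instead of the user name, the device's IP, the action and what happened. The function names, field names, action names and sample values are assumptions.

```python
import json
import logging
from datetime import datetime, timezone

logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s")
audit_log = logging.getLogger("audit")  # hypothetical logger name


def build_event(action, outcome, user_id, ip, detail=""):
    """Build one audit record: who made the request, from where, what happened.

    user_id is the account's internal id (None when no account matched);
    the user name is deliberately not a field of the record.
    """
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "action": action,      # e.g. "login", "coupon_redeem" (assumed names)
        "outcome": outcome,    # "success" or "failure"
        "user_id": user_id,
        "ip": ip,
        "detail": detail,
    }


def log_event(action, outcome, user_id, ip, detail=""):
    """Write the record as a single JSON line and return that line.

    JSON encoding escapes CR/LF, so request-supplied text in `detail`
    cannot start a forged second log entry.
    """
    line = json.dumps(build_event(action, outcome, user_id, ip, detail), sort_keys=True)
    level = logging.INFO if outcome == "success" else logging.WARNING
    audit_log.log(level, line)
    return line


if __name__ == "__main__":
    # Constructed sample events; 203.0.113.7 is a documentation-range address.
    log_event("login", "failure", None, "203.0.113.7", "invalid credentials")
    log_event("login", "success", 42, "203.0.113.7")
    log_event("coupon_redeem", "failure", 42, "203.0.113.7", "invalid coupon")
```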