๐ Kaspersky: Several domains on kaspersky.com are vulnerable to Web Cache Deception attack
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Reported security issue allowed a potential attacker to steal potentially sensitive information of users of a website, because multiple subdomains of the Kaspersky domain were vulnerable to web cache deception attack. In this scenario the user needs to open a phishing link in a web browser. The issue was fixed by changing settings which now only caches files for a specific address, allowing to avoid a situation in which the data of a cached page can be transmitted to any person upon repeated request of a previously vulnerable address. Note that this problem is related to our internal services and doesn't require any actions from side of our... ...