From ac06c8462baea1dc101f25c19c62fb268c3b1a18 Mon Sep 17 00:00:00 2001 From: Jet Hughes Date: Fri, 9 Sep 2022 10:52:39 +1200 Subject: [PATCH] vault backup: 2022-09-09 10:52:39 --- content/notes/ass01-security-audit.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/notes/ass01-security-audit.md b/content/notes/ass01-security-audit.md index fd7af4ec6..f5d7aea7d 100644 --- a/content/notes/ass01-security-audit.md +++ b/content/notes/ass01-security-audit.md @@ -89,4 +89,4 @@ The most severe of these was a simple SQL Injection attack. I was able to extrac I was also able to inject Javascript code into the database which would then be run on the browser of other users. -Furthermore the system does not have adequate password policy and allows users to enter weak passwords. +Furthermore the system does not have adequate password policy and allows users to choose weak passwords. It also allow excessive authentication attempts.