Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Download page delivers potentially malicious software #53

Open
TJEvans opened this issue Jan 22, 2020 · 2 comments
Open

Download page delivers potentially malicious software #53

TJEvans opened this issue Jan 22, 2020 · 2 comments

Comments

@TJEvans
Copy link

TJEvans commented Jan 22, 2020

Tests of our automation framework ended up downloading the steam_api.dll yesterday and my network security team got alerted. I believe this is a false positive, but to prevent future headaches please remove the offending files.
@wilson-mar
Copy link

@ TJEvans it's been over a year now. Is this still an issue?

@TJEvans
Copy link
Author

TJEvans commented Jun 9, 2021
edited
Loading

Yes, this is an issue your team should take seriously. This app allows arbitrary uploads from one user and then serves those potentially malicious files back to your other page visitors.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TJEvans @wilson-mar