Kofax

Host Header Vulnerability Information for Insight

Article # 3047226

Issue

Are there any concerns with Insight related to host header injection vulnerabilities?

 

Solution

Kofax performs DAST scans as part of the SSDL process for each product release, including Insight. Internal DAST scans have reported potential host header attacks in the past. Investigation of these findings concluded that they are not exploitable, because Insight provides additional controls (such as input validation and URL redirection verification) that prevent host header attacks from being exploited.

This article may be updated as new information becomes available. If you would like to share additional information, please submit a Technical Support case with all related information (testing procedure steps, results, etc.) for our product team to review and advise.

Level of Complexity 

Easy

 

Applies to  

Product: Insight
Version: 6.x