Difference between GDPR PII Exposure and Improper Access Control

alexro2404
Posts:3
Joined:Fri Mar 02, 2018 5:19 pm
Difference between GDPR PII Exposure and Improper Access Control

Post by alexro2404 » Wed Apr 10, 2019 4:03 pm

Regards
I have a question about 2 vulnerabilities, specifically:
GDPR PII Exposure.- In the example that you put, an image with personal data such as email, telephone, date of birth is shown.
Improper Access Control.- A non-authenticated or authenticated user without privileges can access confidential data or administrative functions.

How would you know in which cases GDPR PII applies and in which cases IAC applies? I just want to understand the difference well when trying to report those vulnerabilities. I hope I have made myself understood and that you can help me.

Thank you in advance and I look forward to your comments

x1admin
Site Admin
Posts:3102
Joined:Sun Nov 15, 2015 7:04 pm

Re: Difference between GDPR PII Exposure and Improper Access Control

Post by x1admin » Thu Apr 11, 2019 5:26 am

alexro2404 wrote:
Wed Apr 10, 2019 4:03 pm
Regards
I have a question about 2 vulnerabilities, specifically:
GDPR PII Exposure.- In the example that you put, an image with personal data such as email, telephone, date of birth is shown.
Improper Access Control.- A non-authenticated or authenticated user without privileges can access confidential data or administrative functions.

How would you know in which cases GDPR PII applies and in which cases IAC applies? I just want to understand the difference well when trying to report those vulnerabilities. I hope I have made myself understood and that you can help me.

Thank you in advance and I look forward to your comments

Hello, difference in personal data
