Nandakumar Edamana
Share on:
@ R t f Patched Against Critical Vulnerabilities

Tue, 12 Jun 2018 05:18 AM IST

After an internal security audit conducted last week, got patched against some long-existing security vulnerabilities. Although these vulnerabilities--if left unpatched--could have caused damage to the website, it couldn't have affected any user data directly. Afterall, stores little or no sensitive data on the server. Even the e-mail IDs of the newsletter subscribers are stored offline.

The fixed issues include:

NCN had security features from the beginning, and some pages had been patched against SQL Injection a long time ago. However, SQL Injection in URLs had been left unconsidered. XSS on the contact page had been tested, but left undetected.

The latest patches and the on-going migration to static pages make more secure. It is decided to conduct regular security check-ups in order to make it virtually impenetrable.