Vulnerability
Description
Flash or Silverlight-based CSRF may be possible due to web server misconfigurations.
Recommendation
Configure the crossdomain.xml file to restrict cross-domain read requests by specifying allowed domains with <allow-access-from domain="example.com">. Only use "*" for all domains if you are sure no access-controlled, personalized, or private data is hosted by this service.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
