<<< Date Index >>>     <<< Thread Index >>>

Simpliciti Locked Browser Jail Breakout Vulnerability



>From vendor: 

In order to access this vulnerabilty, the user has to intentional visit a page 
which has intentional created the malious exit javascript.

The product has many security functions built in to prevent this occuring. 
The products setting screens allow the product to easily prevent this occuring, 
by setting the main URl to URL that does not allow access to out side web 
sites, additional site restrictions can be entered to ensure that a user cannot 
access anything but the desired pages or sites.

The issue will be fixed in the next release of the product, but in the mean 
time is entirely preventable in any normal type of implementation of the 
product.