Share your ideas

Insecure E-mail sending function - possible security vulnerability

The Tealeaf app provides an E-mail function for users to send out the statistics results via E-mail. However, the application allows the emails to be sent out Citi to the external E-mail receivers. This behavior causes security concerns. The internal data collected in the Tealeaf app should be contained inside the Citi environment. The application should not allow the users to set up external email addresses http:///Portal/SystemStats.aspx In Tealeaf System Statistics, a user can email the system information to an external email address, such as vatester1@primeon.com.

  • Guest
  • Feb 28 2020
  • Shipped
What is your industry? Banking
What is the idea priority? High