Scansource backdating


They only have to do a refresh and since the username and password are resubmitted and revalidated, the attackers can login as the user.

Now let's assume the application has a login page which takes the user to an intermediate page for authentication.

Is it really required to redirect the user to a new page after login? Consider the application has a login page that sends the username and password as a POST request to the server.

If a user clicks refresh on the second page (the page after login), the same request including the username and password in the POST will be sent again.


Biography (provided by the speaker) Peter Anderson, a partner in Sutherland’s Litigation Practice Group, has practiced in the securities regulatory and enforcement arena for approximately 30 years.• Less than 20% of Haitians age 15 and over can read and write. • 40% of the Haitian population does not have access to primary health care.


  1. Pingback:

  2. eric   •  

    To turn your couch and throw pillows into gym equipment, all you need to do is press play and get your sweat session started.

  3. eric   •  

    Radiometric dating isn't the only method of determining the age of rocks.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>