– or –
Please login or register to participate.
Discussion
.
Gambit Jul 04, 2012 08:09 PM
[Critical Security Vulnerability]

Hello, I am a security researcher that goes by the name Gambit, I was recently browsing this site and came across a critical level security hole. If someone from the IT team can contact me, I would like to get the issue fixed.

Twitter ~ https://www.twitter.com/#!/_G4mbi7_
Replies (1)
demarinis Jul 16, 2012 02:32 PM
Thanks for your considerations!

For the EEA website we use open source CMS/WCMS called Plone and it has a high security level, see details at http://plone.org/products/plone/security/overview

according to the National Vulnerability Database, in March 30, 2011, plone / zope has very few security issues compared to other systems. These numbers do not prove anything by themselves, of course, but do suggest a general trend and are a good approximation of our security track record compared to other systems.

We also use other platforms for other sites the Agency is hosting.

You may disclose any security issue details by sending an email to our technical <helpdesk at eionet.europa.eu>

regards
 
Loading