Summary

Netsparker detected an open Silverlight client access policy file (ClientAccessPolicy.xml).

Impact
The ClientAccessPolicy.xml file allows Silverlight clients served from other domains to make HTTP requests to your web server and read its responses. This might be used to access one-time tokens and CSRF nonces in order to bypass CSRF restrictions.
Remediation
Configure your ClientAccessPolicy.xml file to prevent access from everywhere outside your domain.
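As an added illustration (not part of the original advisory or of Netsparker's tooling), the following Python check parses a ClientAccessPolicy.xml document and reports every `<domain>` entry that admits a wildcard origin. Both sample policies are constructed, `app.example.com` is a placeholder, and flagging subdomain wildcards for review is an assumption of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy that allows every origin (not from a real site).
OPEN_POLICY = """<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>"""

# Same policy restricted to one named origin (app.example.com is a placeholder).
RESTRICTED_POLICY = OPEN_POLICY.replace('uri="*"', 'uri="https://app.example.com"')

# Values of <domain uri="..."> that admit any origin.
ANY_ORIGIN = {"*", "http://*", "https://*"}


def audit_policy(xml_text):
    """Return one finding per <domain> entry that uses a wildcard origin."""
    findings = []
    for policy in ET.fromstring(xml_text).iter("policy"):
        paths = ", ".join(r.get("path", "?") for r in policy.iter("resource"))
        for domain in policy.iter("domain"):
            uri = (domain.get("uri") or "").strip()
            if uri in ANY_ORIGIN:
                findings.append(f"open: any origin ({uri}) may read {paths}")
            elif "*" in uri:
                # Assumption of this example: subdomain wildcards get a review flag.
                findings.append(f"review: wildcard origin {uri} may read {paths}")
    return findings


if __name__ == "__main__":
    for name, doc in (("open", OPEN_POLICY), ("restricted", RESTRICTED_POLICY)):
        print(name, audit_policy(doc) or "no wildcard origins")
```

When auditing policy files fetched from hosts you do not control, parse them with a hardened XML parser such as `defusedxml` instead of the standard-library parser used here.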
Classifications
WASC-15, OWASP 2013-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C