Kentico Xperience Private Bug Bounty Program Juraj Komlosi — Feb 23, 2022 — Article Today we're really excited to announce the opening of the Kentico Xperience Private Bug Bounty Program.
TLS 1.2 support Juraj Komlosi — Mar 31, 2016 — Article security tls paypal Since SSL is considered an outdated technology and may be subject to security vulnerabilities in the future, it is strongly recommended to use TLS v1.1 or newer if possible.
Protection against Cross-site request forgery (CSRF, XSRF) Juraj Komlosi — Mar 25, 2015 — Article security csrf xsrf cross-site request forger Cross-site request forgery (CSRF) is one of the most common web applications vulnerabilities. In 2013 it was ranked number 8 in OWASP’s TOP 10 document. In this article I am going to explain what is the CSRF vulnerability and the available protection methods.
Security - Avoiding SQL Injection (SQLi) Juraj Komlosi — Dec 3, 2014 — Article sql injection security sqli kentico SQL injection is one of the most dangerous threats against web applications. Therefore, it is really important to pay extra attention to avoiding SQL injection. Every successful attack may compromise sensitive data or lead to privilege escalation.
Security - Avoiding Cross-site Scripting (XSS) Juraj Komlosi — Nov 26, 2014 — Article xss security kentico cross-site scripting css In this article I will describe how cross-site scripting (XSS) works and how to write secure code to avoid this vulnerability. OWASP pages classify cross-site scripting as a high severity vulnerability. XSS is also one of the most frequently exploited vulnerabilities in web applications.
Page macro expressions security Juraj Komlosi — Nov 6, 2014 — Article security macros The macro engine is a powerful option you can use when developing your web project. Page macros are just one part of this engine. Since changes have been made to the page macro’s security in hotfix 8.1.11, this article will primarily focus on page macro expressions and the appropriate security check you should be aware of.
New version of Windows Azure deployment script Juraj Komlosi — May 30, 2013 — Article script We have updated our deployment script with new cmdlets included in the latest Windows Azure Powershell (May 2013). If you want to know what’s new, please read my short blog post.
Security improvements in Kentico CMS 7 Juraj Komlosi — May 17, 2012 — Article cms kentico kentico cms 7 security We at Kentico take the security of our product very seriously. That’s why we implement security improvements into every new version. Kentico CMS 7 is not an exception, so let‘s take a look at what’s new.
Windows Azure deployment script on Kentico Marketplace Juraj Komlosi — Apr 30, 2012 — Article marketplace powershell script windows azure Using this PowerShell script, you can easily deploy a Kentico CMS website to Windows Azure. You only have to do three easy steps and run the script.