Closed
Bug 615502
Opened 14 years ago
Closed 14 years ago
double back page allows access to previous CBA netbank session
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: service, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 I've noticed, when using "Commonwealth Bank Netbank" service that if you navigate away from the site, then backpage, the page is still accessible. I have tried loading three different links and can still back-page & get authority to use the account. Bad hole for small business owners. Reproducible: Always Steps to Reproduce: 1.Log onto you Commonwealth Bank Australia Account 2.go to an external site, or Even a few 3.Use page back to gain access Actual Results: Allowed access to bank account. Expected Results: I should be asked to log back in
Comment 1•14 years ago
|
||
I'm not sure why you expect to be logged out of a website simply by navigating away from it. I can't think of a single example of where that would be true. Try using the site's "Log Out" functionality to do so.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•