Security | Stefan Bauer

All Posts Tagged ‘Security’

Last week I discovered a leak that effects documents published on Workplace from Facebook. After filing a white hat report, I got a response from Facebook’s security team. It seems that they are not concerned that customer data are exposed publicly by their platform via public content delivery networks. The leak is how this platform treats documents and how sharing works.

Workplace from Facebook – marketing statement on their web site

“Access for everyone” and “discover the secrets of connected companies” are taken literally.

Article

NPM 6.0 and SharePoint Framework – Security Reporting

In case you recently upgrade NPM to Version 6.0 and created a new SharePoint Project through the Yeoman generator. There is a chance that you recognised the following new notification at the end of the NPM installation process.

Security Report after SPFx installation

What there are five vulnerabilities, one with severity low and four with severity high and I can run ‘npm audit’ to get a detailed report?

Don’t start to scream “fire” and run in panic through your office, uninstall all your SPFx projects from all your tenants, clean up your CDN, keep calm and learn the reason why this gets now reported after the installation.

[Read more]

Stefan Bauer – N8D

Office 365, SharePoint, Web Development & Design

All Posts Tagged ‘Security’

NPM 6.0 and SharePoint Framework – Security Reporting