Skip to main content

Support Center Security Issue

Permanently deleted user
Last night, we discovered that a URL redirect was not working correctly. This redirect was intended to take you from an unsecured Support Center login page (via HTTP) to a page whose connection is secured with Transport Layer Security (TLS) over HTTPS. As a result, some users may have inadvertently logged in from the unsecured page, which would have made their credentials visible to anyone who happened to be monitoring network traffic.

 

We fixed this issue shortly after its discovery yesterday. While we are not aware of any instance of a Support Center user having their credentials intercepted, we strongly urge all users to set a new password for their Support Center account via their "My Profile" page (edit "My Profile Information" and click the "Change Password" link).

 

As always, we take any security issue extremely seriously. On behalf of the Community team, I apologise for this issue and any inconvenience caused as a result. Please (To: community@geocortex.com) contact me if you have any questions or concerns.
0

Comments

1 comment

Date Votes
  • Permanently deleted user
    Just a quick follow-up on this issue:

     

    We've determined that this issue was present between October 14 and 26 and affected a limited number of users, with whom we've followed up via email. Moving forward, we have a test plan in place to prevent issues like this from occurring again.

     

    As always, please (To: community@geocortex.com) let me know if you have further concerns or questions.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post