One of our customers had a penetration test performed on their SharePoint system. I think it’s fairly standard, but it could have a custom login form. In fact, given some of the errors, I think it must have been – but I had little involvement, so I’m not sure. Heck, it could even have been a SharePoint 2007 system, or a new login form that we didn’t write.

Either way, I thought it would be interesting (and a good reminder) to look at some of the issues it threw up… Continue reading “Results of Penetration Test on SharePoint system” →