Skip to content

Latest commit

 

History

History
22 lines (11 loc) · 1.04 KB

README.md

File metadata and controls

22 lines (11 loc) · 1.04 KB

Corkr - Plugging The Government's Digital Holes

by Terence Eden, Mark Durrant, Marcello Seri, Orlando Kalossakas

Security holes are prevalent in .gov.uk and .nhs.uk websites. We've mapped the sites, and given security scores to each of them.

O. H. M. G! Like! The Government’s websites are totally full of holes! For real you guys!

We've discovered hundreds of *.gov.uk and *.nhs.uk sites running ancient versions of WordPress. The software is old and buggy, and the plugins have critical security vulnerabilities.

This will not do.

We've plotted each of these websites on an interactive map. Civil Servants can browse the map, and discover the sites for which they are responsible.

We have not disclosed the nature of the flaws - nor their severity - just that flaws are present and need to be fixed.

Due to the sensitive nature of these data, we are not able to share all the information..

We hope you like this hack - we think it's a corkr.

The actual code, stripped of the security flaws' details, can be found in the master branch