Anomalie #7468: Problème de securité sur posh - eole-posh - Ensemble Ouvert Libre Évolutif

Anomalie #7468

Problème de securité sur posh

Added by Arnaud FORNEROT over 9 years ago. Updated about 9 years ago.

Status:

Fermé

Priority:

Normal

Assigned To:

Mathieu Terroba

Target version:

Envole - Envole 3.3.8

Start date:

Due date:

% Done:

100%

Distribution:

EOLE 2.3

Description

Voir rapport de sécurité en PJ
Les solutions à leurs correction sont précisées à l'intérieur

POSH-3.2.1-advisory.pdf (18.2 KB) Arnaud FORNEROT, 02/20/2014 09:43 AM

Associated revisions

Revision cfacd837 (diff)
Added by Mathieu Terroba over 9 years ago

Correction d'une injection SQL (refs #7468)

Revision 1cc33e64 (diff)
Added by Mathieu Terroba over 9 years ago

Correction d'une faille XSS (refs #7468)

Revision 4545a87e (diff)
Added by Mathieu Terroba about 9 years ago

Ajout d'un test pour éviter les inclusions d'url (fixes #7468)

History

#1 Updated by Arnaud FORNEROT over 9 years ago

Target version changed from Envole 3.3.7 to Envole 3.3.8

#2 Updated by Arnaud FORNEROT over 9 years ago

Project changed from Envole to eole-posh

#3 Updated by Mathieu Terroba over 9 years ago

Status changed from Nouveau to Accepté
Assigned To set to Mathieu Terroba
% Done changed from 0 to 80

Reste à voir le pb d'inclusion d'url

#4 Updated by Mathieu Terroba about 9 years ago

Status changed from Accepté to Résolu
% Done changed from 80 to 100

Appliqué par commit 4545a87e2d37c5411b9cb08ab3e99d7178b3f92b.

#5 Updated by Arnaud FORNEROT about 9 years ago

Private changed from Yes to No

#6 Updated by Arnaud FORNEROT about 9 years ago

Status changed from Résolu to Fermé

Also available in: Atom PDF

Project

General

Profile

Envole » Envole-Archive » posh » eole-posh

Issues

Custom queries