action #589: Fix security hole with uploaded files - Travel Support and merchandising mgmt - openSUSE Project Management Tool

Actions

Copy link

action #589

closed

Fix security hole with uploaded files

Added by ancorgs over 11 years ago. Updated over 11 years ago.

Status:

Closed

Priority:

Immediate

Assignee:

ancorgs

Category:

Development

Target version:

Reimbursement polishment

Start date:

2013-07-11

Due date:

% Done:

100%

Estimated time:

Description

With the current implementation, uploaded files (which includes invoices and signed reimbursements) are not protected by access control. An attacker only needs to guess the url (which is not easy, anyway) to read sensible information.

History
Notes
Property changes

Actions

Copy link

Updated by ancorgs over 11 years ago

% Done changed from 0 to 100
Status changed from New to Closed

Fixed.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

oST_Projects » Travel Support and merchandising mgmt

Custom queries

action #589

Fix security hole with uploaded files

Updated by ancorgs over 11 years ago