Ticket #907 (new defect)

Opened 15 months ago

Last modified 9 months ago

Security Issues to fix urgently

Reported by: gkka321 Owned by: gkka321
Priority: very high Milestone:
Component: Greenstone3 Runtime Severity: major
Keywords: Cc:

Description

Dear Sir,

The following issues are to be fixed urgently

1. Reflected cross site scripting 2. Open Redirection 3. Click jacking vulnerability 4. Brute Force attack in login page 5. Improper error handling

Attachments

Change History

follow-up: ↓ 3   Changed 15 months ago by ak19

Hello, could you document an example or more of each type of attack and send this to the mailing list? We will then be able to study the matter better and try get Greenstone 3 fixed up for this.

Thank you.

Changed 14 months ago by gkka321

Changed 14 months ago by gkka321

Changed 14 months ago by gkka321

Changed 14 months ago by gkka321

Changed 14 months ago by gkka321

Changed 14 months ago by gkka321

  Changed 13 months ago by gkka321

  • owner changed from nobody to gkka321
  • component changed from Installation to Greenstone3 Runtime

in reply to: ↑ 1   Changed 9 months ago by gkka321

Supporting files has been uploaded

Note: See TracTickets for help on using tickets.