Ticket #907 (new defect)

Opened 17 months ago

Last modified 11 months ago

Security Issues to fix urgently

Reported by: gkka321 Owned by: gkka321
Priority: very high Milestone:
Component: Greenstone3 Runtime Severity: major
Keywords: Cc:

Description

Dear Sir,

The following issues are to be fixed urgently

1. Reflected cross site scripting 2. Open Redirection 3. Click jacking vulnerability 4. Brute Force attack in login page 5. Improper error handling

Attachments

Change History

follow-up: ↓ 3   Changed 17 months ago by ak19

Hello, could you document an example or more of each type of attack and send this to the mailing list? We will then be able to study the matter better and try get Greenstone 3 fixed up for this.

Thank you.

Changed 16 months ago by gkka321

Changed 16 months ago by gkka321

Changed 16 months ago by gkka321

Changed 16 months ago by gkka321

Changed 16 months ago by gkka321

Changed 16 months ago by gkka321

  Changed 15 months ago by gkka321

  • owner changed from nobody to gkka321
  • component changed from Installation to Greenstone3 Runtime

in reply to: ↑ 1   Changed 11 months ago by gkka321

Supporting files has been uploaded

Note: See TracTickets for help on using tickets.