FOLIO-2524

Security Audit raised issues

Details

    • CP: sprint 86, CP: Roadmap backlog, CP: sprint 85
    • Core: Platform

    Description

      Title                                           Related JIRA
      Lack of Authentication Checks on /_/proxy/*     OKAPI-767
      Denial of Service Via CQL Queries               FOLIO-2563
      HTTP Response Header Injection                  FOLIO-2564
      No Expiration on JSON Web Tokens                FOLIO-2556
      Arbitrary URL Redirection in SAML Response      MODLOGSAML-58
      Misleading Permission Set Configuration         FOLIO-2565
      Cross-Site Request Forgery (CSRF) in SSO Flow   MODLOGSAML-59
      User Enumeration                                Low TODO
      Denial of Service Through User Lockout          Low TODO
      Server Headers Reveal Excessive Information     Low TODO

              People

                jakub Jakub Skoczen