  1. FOLIO
  2. FOLIO-2524

Security Audit raised issues

    Details

    • Sprint:
      CP: sprint 86, CP: Roadmap backlog, CP: sprint 85
    • Development Team:
      Core: Platform

      Description

      Title                                             Related JIRA
      Lack of Authentication Checks on /_/proxy/*       OKAPI-767
      Denial of Service Via CQL Queries                 FOLIO-2563
      HTTP Response Header Injection                    FOLIO-2564
      No Expiration on JSON Web Tokens                  FOLIO-2556
      Arbitrary URL Redirection in SAML Response        MODLOGSAML-58
      Misleading Permission Set Configuration           FOLIO-2565
      Cross-Site Request Forgery (CSRF) in SSO Flow     MODLOGSAML-59
      User Enumeration Low                              TODO
      Denial of Service Through User Lockout Low        TODO
      Server Headers Reveal Excessive Information Low   TODO

                People

                Assignee:
                jakub Jakub Skoczen
                Reporter:
                jakub Jakub Skoczen