Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-519

Security issue with user audit logs in UI

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • 1.6.3
    • 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.6.0, 1.6.1, 1.6.2
    • UI
    • None

    Description

      A bug in the Grouper UI allows unauthorized users to view user audit logs by URL manipulation. See: https://spaces.internet2.edu/display/Grouper/GRP+519+-+A+bug+in+the+Grouper+UI+allows+unauthorized+users+to+view+user+audit+logs+by+URL+manipulation

      Attachments

        Activity

          People

            shilen.patel@at.internet2.edu Shilen Patel (duke.edu)
            shilen.patel@at.internet2.edu Shilen Patel (duke.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: