Ticket #280 (accepted defect)

Opened 11 months ago

Last modified 7 months ago

RP should be reviewed for potential injection attacks

Reported by: dbuss Owned by: dbuss
Priority: committed Milestone: Future
Component: RP: trac Version:
Keywords: osis rp trac rsa community Cc:
Blocking: Blocked By:

Description (last modified by dbuss) (diff)

Review code for sql, ldap, html injection attacks.

Idle musing: What if there were specific cleaning functions which could be enabled via the options interface to data scrubbing? The I don't force it, and I could allow others to add cleansing functions without changing the core.

Change History

Changed 11 months ago by dbuss

  • keywords OSIS RP TRAC added
  • owner changed from dbuss@… to dbuss
  • status changed from new to assigned

Changed 10 months ago by jimse

  • milestone changed from Bandit: February 08 to OSIS Interop (RSA Conference) Ready

Changed 10 months ago by tdoman

  • keywords RSA added
  • milestone changed from OSIS Interop (RSA Conference) Ready to Sprint: 4/1

Changed 10 months ago by dbuss

  • keywords osis rp trac rsa added; OSIS RP TRAC RSA removed
  • status changed from assigned to accepted

Changed 10 months ago by dbuss

  • description modified (diff)
  • summary changed from TRAC RP should handle injection attacks to RP should be reviewed for potential injection attacks

Changed 8 months ago by dbuss

  • keywords community added

Changed 7 months ago by dbuss

  • milestone changed from Sprint: 5/15 to Future
Note: See TracTickets for help on using tickets.