Custom Query (2152 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:

Results (712 - 714 of 2152)

228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248
Ticket Resolution Summary Owner Reporter
#133 fixed Security hole - search package/group (WUI & REST) rgrp dread

Reported by dread, 5 years ago.
Description

Using WUI or REST interface you can search packages and groups without authorization being checked.

On the REST interface you can also read all the attributes of the packages using the 'all-fields' option.

Can be fixed using more advanced query to check authz.

#132 fixed Security hole - read package/group list (REST) rgrp dread

Reported by dread, 5 years ago.
Description

Using REST interface you can list packages and groups without authorization being checked.

Can be fixed using more advanced query to check authz.

#1585 fixed Security fix dread

Reported by dread, 2 years ago.
Description

(details embargoed until 31/1/2012)

228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248
Note: See TracQuery for help on using queries.