[NMS-10564] CSRF in user management - OpenNMS Jira

Jeff Jancula January 19, 2022 at 4:57 PM

Added security-moderate label to match CVE

Christian Pape March 12, 2021 at 4:50 PM

Merged.

Christian Pape March 9, 2021 at 3:57 PM
Edited

Please review:

PR: https://github.com/OpenNMS/opennms/pull/3333

Backport for foundation-2020:

PR: https://github.com/OpenNMS/opennms/pull/3341

David Hustace February 5, 2021 at 3:25 PM

Can this be resolved by setting the SameSite cookie attribute?

CSRF in user management

Description

Acceptance / Success Criteria

Attachments

Lucidchart Diagrams

Activity

Jeff Jancula January 19, 2022 at 4:57 PM

Christian Pape March 12, 2021 at 4:50 PM

Christian Pape March 9, 2021 at 3:57 PM
Edited

David Hustace February 5, 2021 at 3:25 PM

Details
Assignee
Christian Pape
Reporter
Jesse White
Labels
security-moderate
HB Backlog Status
Backlog CM
Sprint
None
Fix versions
27.1.1
Affects versions
27.0.4
Priority
High

Details

Assignee

Reporter

Labels

HB Backlog Status

Sprint

Fix versions

Affects versions

Priority

PagerDuty

PagerDuty

CSRF in user management

Description

Acceptance / Success Criteria

Attachments

Lucidchart Diagrams

Activity

Jeff Jancula January 19, 2022 at 4:57 PM

Christian Pape March 12, 2021 at 4:50 PM

Christian Pape March 9, 2021 at 3:57 PMEdited

David Hustace February 5, 2021 at 3:25 PM

DetailsAssigneeChristian PapeChristian PapeReporterJesse WhiteJesse WhiteLabelssecurity-moderateHB Backlog StatusBacklog CMSprintNone+2Fix versions27.1.1Affects versions27.0.4PriorityHigh

Details

Assignee

Reporter

Labels

HB Backlog Status

Sprint

Fix versions

Affects versions

Priority

PagerDutyPagerDuty Incident

PagerDuty

Christian Pape March 9, 2021 at 3:57 PM
Edited

Details
Assignee
Christian Pape
Reporter
Jesse White
Labels
security-moderate
HB Backlog Status
Backlog CM
Sprint
None
Fix versions
27.1.1
Affects versions
27.0.4
Priority
High

PagerDuty