Changes between Initial Version and Version 6 of Ticket #30


Ignore:
Timestamp:
12/02/11 15:32:45 (13 years ago)
Author:
Kris Deugau
Comment:

Change ticket info to cover all security-review changes

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #30

    • Property Summary Security review - XSS/input validationSecurity review

  • Ticket #30 – Description

    initial v6  
     1XSS/input validation:
    12Reading back on VegaDNS' history I poked into the CVE issues reported with VegaDNS 0.9.9.1 and 1.1.4.  I realized the same message-reporting vulnerability would bite here.
     3
     4Access scoping:
     5Check to make sure a user can't access any entity outside of their group tree