[gatein-issues] [JBoss JIRA] (GTNPORTAL-2616) Ordinary user is able to modify email of others by hacking account profile tab.
[
https://issues.jboss.org/browse/GTNPORTAL-2616?page=com.atlassian.jira.pl...
]
Minh Hoang TO resolved GTNPORTAL-2616.
--------------------------------------
Resolution: Duplicate Issue
Ordinary user is able to modify email of others by hacking account
profile tab.
--------------------------------------------------------------------------------
Key: GTNPORTAL-2616
URL: https://issues.jboss.org/browse/GTNPORTAL-2616
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Reporter: Minh Hoang TO
Priority: Blocker
Labels: portal-s69, synced
Severe security issue as user could hack username input field while saving his own user
profile to change emails of admins.
Back port of EXOGTN-1251
https://jira.exoplatform.org/browse/EXOGTN-1251
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira