[gatein-issues] [JBoss JIRA] (GTNPORTAL-2616) Ordinary user is able to modify email of others by hacking account profile tab.
[
https://issues.jboss.org/browse/GTNPORTAL-2616?page=com.atlassian.jira.pl...
]
Minh Hoang TO updated GTNPORTAL-2616:
-------------------------------------
Priority: Blocker (was: Major)
Ordinary user is able to modify email of others by hacking account
profile tab.
--------------------------------------------------------------------------------
Key: GTNPORTAL-2616
URL: https://issues.jboss.org/browse/GTNPORTAL-2616
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Reporter: Minh Hoang TO
Priority: Blocker
Severe security issue as user could hack username input field while saving his own user
profile to change emails of admins.
Back port of EXOGTN-1251
https://jira.exoplatform.org/browse/EXOGTN-1251
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira