[mapguide-trac] #367: Security: GetFdoCachInfo exposes plain text
passwords alongside user Ids
MapGuide Open Source
trac_mapguide at osgeo.org
Fri Dec 7 18:54:09 EST 2007
#367: Security: GetFdoCachInfo exposes plain text passwords alongside user Ids
-------------------------+--------------------------------------------------
Reporter: stevedang | Owner: stevedang
Type: defect | Status: new
Priority: medium | Milestone: 2.0
Component: Server | Version: 2.0.0
Severity: major | Keywords:
External_id: 1010319 |
-------------------------+--------------------------------------------------
Using the Web Tier test pages the GetFdoCachInfo page exposes plain test
passwords alongside their corresponding user id for database connections.
For security reasons we should remove the password from the results.
--
Ticket URL: <http://trac.osgeo.org/mapguide/ticket/367>
MapGuide Open Source <http://mapguide.osgeo.org/>
MapGuide Open Source Internals
More information about the mapguide-trac
mailing list