Opened 17 years ago
Closed 17 years ago
#367 closed defect (fixed)
Security: GetFdoCachInfo exposes plain text passwords alongside user Ids
| Reported by: | stevedang | Owned by: | stevedang |
|---|---|---|---|
| Priority: | medium | Milestone: | 2.0 |
| Component: | Server | Version: | 2.0.0 |
| Severity: | major | Keywords: | |
| Cc: | External ID: | 1010319 |
Description
Using the Web Tier test pages the GetFdoCachInfo page exposes plain test passwords alongside their corresponding user id for database connections. For security reasons we should remove the password from the results.
Change History (2)
comment:1 by , 17 years ago
| Status: | new → assigned |
|---|
comment:2 by , 17 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed by submission <http://trac.osgeo.org/mapguide/changeset/2573>