View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000615 | savapage-server | [All Projects] Security | public | 2015-11-04 15:08 | 2015-12-01 11:23 |
| Reporter | rijkr | Assigned To | rijkr | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 0.9.9 | ||||
| Target Version | 0.9.10 | Fixed in Version | 0.9.10 | ||
| Summary | 0000615: Prevent Account Enumeration and Guessable User Account | ||||
| Description | IST: Some Web App authentication failure messages reveal user account existence. SOLL: Give a neutral "authentication failed" message. https://www.owasp.org/index.php/Testing_for_Account_Enumeration_and_Guessable_User_Account_(OTG-IDENT-004) | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-11-04 15:08 | rijkr | New Issue | |
| 2015-11-04 15:08 | rijkr | Status | new => assigned |
| 2015-11-04 15:08 | rijkr | Assigned To | => rijkr |
| 2015-11-04 15:11 | rijkr | Status | assigned => resolved |
| 2015-11-04 15:11 | rijkr | Fixed in Version | => 0.9.10 |
| 2015-11-04 15:11 | rijkr | Resolution | open => fixed |
| 2015-12-01 11:23 | rijkr | Status | resolved => closed |
