Activity

From 16 May 2023 to 14 June 2023

14 June 2023

11:41 AM Bug #16599 (Resolved): [MA-3][Android] Cleartext Storage of Sensitive Information in Log Files: Fixed Abdul Halim Baharom
11:41 AM Bug #16595 (Resolved): [MA-5][Android] Lack of Screen Caching Prevention: Fixed Abdul Halim Baharom
11:40 AM Bug #16598 (Resolved): [MA-2][Android] Allowance of Application Data Backup: Fixed Abdul Halim Baharom

13 June 2023

01:35 PM Bug #16603: [MW-9][BE] Sensitive Field Forms Autocomplete: Please assist Nor Khairun Aqila Jesmen
01:34 PM Bug #16604 (Closed): [MW-10][BE] Sensitive Field Not Emptied: Tested good Nor Khairun Aqila Jesmen
01:28 PM Bug #14183 (Closed): [iOS] Add Notice to Allow / Disallow Notification during First Launch: Nor Khairun Aqila Jesmen
01:28 PM Bug #14183: [iOS] Add Notice to Allow / Disallow Notification during First Launch: Tested good. Pending release to prod Nor Khairun Aqila Jesmen
11:25 AM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Tested good Nor Khairun Aqila Jesmen

12 June 2023

08:20 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): requirement fixed to excluded <>"'= for username. userid BAU already excluded. It only allow alphanumeric only. See Pin Leng
04:48 PM Bug #16601 (New): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): As per discussed last Friday 9/6/2023, please apply to filter field not allow to enter < > " ' and = for field user i... Nor Khairun Aqila Jesmen
03:05 PM Bug #16601: [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): 1 - tested good System Owner and MA
2 - noted
3 - tested good. display as per insert. No change color or font
4 - ... Nor Khairun Aqila Jesmen
12:32 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Issue fixed as below:
1. URL cant display sensitive information like userid and username- fixed for user profile(Adm... See Pin Leng
12:22 PM Bug #16604 (Resolved): [MW-10][BE] Sensitive Field Not Emptied: fixes already applied in MA. See Pin Leng

30 May 2023

04:39 PM Bug #16604 (Closed): [MW-10][BE] Sensitive Field Not Emptied: Description:
After a failed attempt to log in to the application, the login form is automatically repopulated with p... Nor Khairun Aqila Jesmen
04:38 PM Bug #16603 (Closed): [MW-9][BE] Sensitive Field Forms Autocomplete: Description:
Autocomplete feature is not set to "off" on username field.
Fixes:
Use autocomplete="off" at the lo... Nor Khairun Aqila Jesmen
04:35 PM Bug #16602 (Closed): [MW-2][BE] Poor Error Handling: Description:
The application returns error message containing stack traces. If reproduced, some error conditions can... Nor Khairun Aqila Jesmen
04:33 PM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Description:
Stored cross-site scripting vulnerabilities arise when user input is stored and later embedded into the... Nor Khairun Aqila Jesmen
04:30 PM Bug #16599 (Closed): [MA-3][Android] Cleartext Storage of Sensitive Information in Log Files: Description:
The application exposes sensitive information within log files which are stored on the local device in ... Nor Khairun Aqila Jesmen
04:28 PM Bug #16598 (Closed): [MA-2][Android] Allowance of Application Data Backup: Description:
The application has android:allowBackup being set to "true" in AndroidManifest.xml
Recommendation:
... Nor Khairun Aqila Jesmen
04:26 PM Bug #16597 (Closed): [MA-5][IOS] Lack of Screen Caching Prevention: Description:
The application may expose sensitive information via the app switcher.
Recommendation:
Overlay an i... Nor Khairun Aqila Jesmen
04:18 PM Bug #16595 (Closed): [MA-5][Android] Lack of Screen Caching Prevention: Description:
The application may expose sensitive information via the app switcher.
Recommendation:
Overlay an i... Nor Khairun Aqila Jesmen

« Previous

Also available in: Atom

BIBD (Bank Islam Brunei Darussalam) » BIBD Merchant Portal

Activity

Activity

14 June 2023

13 June 2023

12 June 2023

09 June 2023

06 June 2023

02 June 2023

30 May 2023