Activity

From 10 June 2023 to 09 July 2023

09:15 AM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Tested good by Feerman Nor Khairun Aqila Jesmen

05:36 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Issued fixed
1. all *userId* in Administrator User Profile & user information were encoded at URL and source code.
... See Pin Leng
05:27 PM Bug #16601 (In Progress): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Issue:
at the System Information, have user information on the URL. And from there, when click back to the user info... Nor Khairun Aqila Jesmen

02:09 PM Bug #16602 (Resolved): [MW-2][BE] Poor Error Handling: CHANGES (SYSTEM OWNER AND MERCHANT)
# Create new ServerInfo.properties file in new created folder(s) /lib/org/apac... Nur Azza Syazwany Azizol
12:09 PM Bug #16602 (In Progress): [MW-2][BE] Poor Error Handling: To display customized screen when hit error 400,404,500
Error message either
Invalid browser action
or
Inva... Nor Khairun Aqila Jesmen
11:48 AM Bug #16602: [MW-2][BE] Poor Error Handling: Attached updated document v1.1 Nur Azza Syazwany Azizol
11:41 AM Bug #16602 (Resolved): [MW-2][BE] Poor Error Handling: Modify web.xml:
1. Add
<error-page>
<error-code>400</error-code>
<location>/cc_iam/WEB-INF/vm/400.vm</location>... Nur Azza Syazwany Azizol
09:44 AM Bug #16603 (Resolved): [MW-9][BE] Sensitive Field Forms Autocomplete: Path: cc_iam/src/main/webapp/WEB-INF/vm/user/userProfile
VM file changes:
1. userProfileDetail.vm
2. userProfile... Nur Azza Syazwany Azizol

12:42 PM Bug #16603: [MW-9][BE] Sensitive Field Forms Autocomplete: Please assist to apply same fixes for System Owner and Partner module
1. Reset Password - field User ID
Nor Khairun Aqila Jesmen

11:41 AM Bug #16599 (Resolved): [MA-3][Android] Cleartext Storage of Sensitive Information in Log Files: Fixed Abdul Halim Baharom
11:41 AM Bug #16595 (Resolved): [MA-5][Android] Lack of Screen Caching Prevention: Fixed Abdul Halim Baharom
11:40 AM Bug #16598 (Resolved): [MA-2][Android] Allowance of Application Data Backup: Fixed Abdul Halim Baharom

01:35 PM Bug #16603: [MW-9][BE] Sensitive Field Forms Autocomplete: Please assist Nor Khairun Aqila Jesmen
01:34 PM Bug #16604 (Closed): [MW-10][BE] Sensitive Field Not Emptied: Tested good Nor Khairun Aqila Jesmen
01:28 PM Bug #14183 (Closed): [iOS] Add Notice to Allow / Disallow Notification during First Launch: Nor Khairun Aqila Jesmen
01:28 PM Bug #14183: [iOS] Add Notice to Allow / Disallow Notification during First Launch: Tested good. Pending release to prod Nor Khairun Aqila Jesmen
11:25 AM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Tested good Nor Khairun Aqila Jesmen

08:20 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): requirement fixed to excluded <>"'= for username. userid BAU already excluded. It only allow alphanumeric only. See Pin Leng
04:48 PM Bug #16601 (New): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): As per discussed last Friday 9/6/2023, please apply to filter field not allow to enter < > " ' and = for field user i... Nor Khairun Aqila Jesmen
03:05 PM Bug #16601: [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): 1 - tested good System Owner and MA
2 - noted
3 - tested good. display as per insert. No change color or font
4 - ... Nor Khairun Aqila Jesmen
12:32 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS): Issue fixed as below:
1. URL cant display sensitive information like userid and username- fixed for user profile(Adm... See Pin Leng
12:22 PM Bug #16604 (Resolved): [MW-10][BE] Sensitive Field Not Emptied: fixes already applied in MA. See Pin Leng

Also available in: Atom

BIBD (Bank Islam Brunei Darussalam) » BIBD Merchant Portal