Activity
From 10 June 2023 to 09 July 2023
05 July 2023
- 09:15 AM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- Tested good by Feerman
03 July 2023
- 05:36 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- Issued fixed
1. all *userId* in Administrator User Profile & user information were encoded at URL and source code.
... - 05:27 PM Bug #16601 (In Progress): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- Issue:
at the System Information, have user information on the URL. And from there, when click back to the user info...
26 June 2023
- 02:09 PM Bug #16602 (Resolved): [MW-2][BE] Poor Error Handling
- CHANGES (SYSTEM OWNER AND MERCHANT)
# Create new ServerInfo.properties file in new created folder(s) /lib/org/apac... - 12:09 PM Bug #16602 (In Progress): [MW-2][BE] Poor Error Handling
- To display customized screen when hit error 400,404,500
Error message either
Invalid browser action
or
Inva... - 11:48 AM Bug #16602: [MW-2][BE] Poor Error Handling
- Attached updated document v1.1
- 11:41 AM Bug #16602 (Resolved): [MW-2][BE] Poor Error Handling
- Modify web.xml:
1. Add
<error-page>
<error-code>400</error-code>
<location>/cc_iam/WEB-INF/vm/400.vm</location>... - 09:44 AM Bug #16603 (Resolved): [MW-9][BE] Sensitive Field Forms Autocomplete
- Path: cc_iam/src/main/webapp/WEB-INF/vm/user/userProfile
VM file changes:
1. userProfileDetail.vm
2. userProfile...
22 June 2023
- 12:42 PM Bug #16603: [MW-9][BE] Sensitive Field Forms Autocomplete
- Please assist to apply same fixes for System Owner and Partner module
1. Reset Password - field User ID
14 June 2023
- 11:41 AM Bug #16599 (Resolved): [MA-3][Android] Cleartext Storage of Sensitive Information in Log Files
- Fixed
- 11:41 AM Bug #16595 (Resolved): [MA-5][Android] Lack of Screen Caching Prevention
- Fixed
- 11:40 AM Bug #16598 (Resolved): [MA-2][Android] Allowance of Application Data Backup
- Fixed
13 June 2023
- 01:35 PM Bug #16603: [MW-9][BE] Sensitive Field Forms Autocomplete
- Please assist
- 01:34 PM Bug #16604 (Closed): [MW-10][BE] Sensitive Field Not Emptied
- Tested good
- 01:28 PM Bug #14183 (Closed): [iOS] Add Notice to Allow / Disallow Notification during First Launch
- 01:28 PM Bug #14183: [iOS] Add Notice to Allow / Disallow Notification during First Launch
- Tested good. Pending release to prod
- 11:25 AM Bug #16601 (Closed): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- Tested good
12 June 2023
- 08:20 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- requirement fixed to excluded <>"'= for username. userid BAU already excluded. It only allow alphanumeric only.
- 04:48 PM Bug #16601 (New): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- As per discussed last Friday 9/6/2023, please apply to filter field not allow to enter < > " ' and = for field user i...
- 03:05 PM Bug #16601: [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- 1 - tested good System Owner and MA
2 - noted
3 - tested good. display as per insert. No change color or font
4 - ... - 12:32 PM Bug #16601 (Resolved): [MW-1 & MW-4][BE] Stored Cross-Site Scripting (XSS)
- Issue fixed as below:
1. URL cant display sensitive information like userid and username- fixed for user profile(Adm... - 12:22 PM Bug #16604 (Resolved): [MW-10][BE] Sensitive Field Not Emptied
- fixes already applied in MA.
Also available in: Atom