...
SEC-131 - Customer Security: medium - high
- Identity-theft, Phishing, Defacement
- A bug in django-1.11.14 allows an attacker to fool our customers by redirecting them to external/attacker-controlled websites
- For unknown reasons did not get merged into release 2.9.0
- Is fixed in development
SEC-125 - Customer Security: medium - high
- Session-Hijacking, Stolen Payments, Insecure NETS payment
- During NETS payment our customers lose their secured cookies when getting redirected
- Fix has been reverted, due to a bug and time constraints
- unfixed/unplanned