Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-12370

Prevent potential vulnerability with web API api/l10n/index

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.0
    • Component/s: l10n & i18n, Web API
    • Labels:
      None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      The parameter locale is returned as it is in the JSON response when value is not supported. Example is attached.

      It's not considered as a vulnerability for the time being because the webapp does not display the error message. As a safeguard for future changes, the web API should not return the value of the parameter in the error response.

        Attachments

          Activity

            People

            Assignee:
            simon.brandhof Simon Brandhof (Inactive)
            Reporter:
            simon.brandhof Simon Brandhof (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: