Search tickets: labels:"security"  Maximize  Restore

Showing 24 results of 24

# Summary Status Owner
  • Sort A -> Z
  • Sort Z -> A
  • Filter by Owner
Labels Reviewer Votes
8153 Stronger no-cache headers closed Dave Brondsema security 0  
8140 After password change, change current session id closed Dave Brondsema security 0  
8127 Fix how we write the .google_authenticator file closed Dave Brondsema security 0  
8126 Rate limiting for two-factor auth closed Dave Brondsema security 0  
8125 Require password when confirming new email address closed Dave Brondsema security 0  
8121 Show security / audit log to users open security 1  
8119 U2F for multifactor auth open security 0  
8118 2FA recovery codes closed Dave Brondsema security 0  
8117 Implement core 2FA closed Dave Brondsema security 0  
8011 Served SVG images can execute JS closed Dave Brondsema security, sf-2 Heith Seewald 0  
7947 XSS vulnerability in link rewriting closed Dave Brondsema security, sf-2 Heith Seewald 0  
7942 In project admin - user permissions, removing a custom group needs to use POST closed Dave Brondsema security, sf-1 Heith Seewald 0  
7893 CSRF checks don't work on login closed Dave Brondsema security, sf-2 Igor Bondarenko 0  
7799 Changing password should invalidate other sessions closed Dave Brondsema security Igor Bondarenko 0  
7786 Invalidate pwd reset tokens after email change closed Heith Seewald security, sf-2 Dave Brondsema 0  
7545 return_to param should be validated for relative URLs closed Cory Johns security, sf-1 Dave Brondsema 0  
7543 Password recovery should not confirm email addr existance closed Alexander Luberg security, sf-1 Dave Brondsema 0  
7528 XSS on wiki page and preview closed Dave Brondsema security, p1, sf-2 0  
7026 Require POST for follow/unfollow actions closed Cory Johns activitystreams, security, sf-1 Dave Brondsema 0  
6889 XSS on /p/add_project/ closed Dave Brondsema support, p1, security, sf-1 0  
6604 IE9 json parsing vulnerability closed Dave Brondsema security, sf-1 Cory Johns 0  
6469 Insecurity in Admin Overview Form [ss4721] closed Tim Van Steenburgh support, p1, security, sf-1 0  
6219 Make tracker email notifications respect private tickets closed Tim Van Steenburgh security, sf-2 Dave Brondsema 0  
  • Ticket Number
  • Summary
  • Milestone
  • Status
  • Owner
  • Creator
  • Created
  • Updated
  • Labels
  • Reviewer
  • Votes
 
(applies to this page only)