WORKTERRAProject Type: software

WORKTERRA

Uploaded image for project: 'WORKTERRA'
  1. WORKTERRA
  2. WT-4637

[Security Test] {Server Side Input Validation} In Employee Self Serve Mode, user is allowed to enter any data/ special characters like <,>,',-,* in Select Beneficiary (Trust - Trust Name) which cause application to throw Server Error.

    Details

    • Type: Bug
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Environment:
      Production
    • Bug Severity:
      Low
    • Module:
      BenAdmin - Security
    • Reported by:
      Harbinger

      Description

      [Security Test]

      {Insecure Input Validation}

      In Employee Self Serve Mode, user is allowed to enter any data/ special characters like <,>,',-,* in Select Beneficiary (Trust - Trust Name) which cause application to throw Server Error.

      Input validations needs to be implemented to avoid server errors because of any Malicious activity.

        Attachments

          Activity

          Ascending order - Click to sort in descending order
          prasadp Prasad Pise (Inactive) created issue -
          prasadp Prasad Pise (Inactive) made changes -
          Field Original Value New Value
          Summary [Security Test] {Insecure Input Validation} In Employee Self Serve Mode, user is allowed to enter any data/ special characters like <,>,',-,* in Select Beneficiary (Trust - Trust Name) which cause application to throw Server Error. [Security Test] {Server Side Input Validation} In Employee Self Serve Mode, user is allowed to enter any data/ special characters like <,>,',-,* in Select Beneficiary (Trust - Trust Name) which cause application to throw Server Error.
          rakeshr Rakesh Roy (Inactive) made changes -
          Module Parent values: BenAdmin(10100) Parent values: BenAdmin(10100)Level 1 values: Security(10112)
          prasadp Prasad Pise (Inactive) made changes -
          Severity Complex [ 13103 ]
          prasadp Prasad Pise (Inactive) made changes -
          Issue Category EBS [ 10350 ] Harbinger [ 10700 ]
          rakeshr Rakesh Roy (Inactive) made changes -
          Bug Severity Low [ 16703 ]
          satyap Satya made changes -
          Labels Security
          satyap Satya made changes -
          Environment_New Production [ 18442 ]
          vijayendra Vijayendra Shinde (Inactive) made changes -
          Link This issue relates to DEV-13718 [ DEV-13718 ]

            People

            Assignee:
            samir Samir
            Reporter:
            prasadp Prasad Pise (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: