[WT-4676] [Security Test] {Critical Information Disclosure} Table Names, Column Names get displayed in proxy tool. - Workterra Jira

Details

Type: Bug
Status: Open
Priority: High
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- Security

Environment:

Production
Bug Severity:
Low
Module:
BenAdmin - Security
Reported by:
Harbinger

Description

[Security Test]

{Critical Information Disclosure}

Table Name and Column Names get displayed in proxy tools.
Test Environment : Production: VM-208..
Tool used:
Tamper Data - Mozilla Browser plugin

1. Login as Admin
2. Go to Add Employee
3. Enter required fields in Add New employee page
4. Go to Tamper Data
5. Click on Start Tamper
6. Go to Add Employee Page and click on Save button.
7. Check for the Tamper Data POST form parameters.

For more details check attached Screenshot.

This issue is observed throughout the application.

Prasad Pise (Inactive) created issue - 08/Sep/16 10:36 AM

Rakesh Roy (Inactive) made changes - 23/Jan/17 06:01 AM

Field	Original Value	New Value
Module	Parent values: BenAdmin(10100)	Parent values: BenAdmin(10100)Level 1 values: Security(10112)

Prasad Pise (Inactive) made changes - 20/Mar/17 06:31 AM

Severity

Medium [ 13102 ]

Prasad Pise (Inactive) made changes - 06/Apr/17 07:12 AM

Issue Category

EBS [ 10350 ]

Harbinger [ 10700 ]

Rakesh Roy (Inactive) made changes - 27/Sep/17 08:05 AM

Bug Severity

Low [ 16703 ]

Satya made changes - 01/Nov/17 11:13 PM

Labels

Security

Satya made changes - 04/Nov/17 06:35 AM

Environment_New

Production [ 18442 ]

Vijayendra Shinde (Inactive) made changes - 15/Dec/20 02:53 AM

Link

This issue relates to DEV-13718 [ DEV-13718 ]

People

Assignee:: Samir

Reporter:: Prasad Pise (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 08/Sep/16 10:36 AM

Updated:: 15/Dec/20 02:53 AM

Details

Description

Attachments

Attachments

Activity

People

Dates