Open carlan1 opened 9 months ago
Thanks @carlan1 we will work on it on priority.
@carlan1 Please see the comments added and confirm. Fortify_Scan_Results_Assessment_1834_12-5-2023.1.xlsx
Do any of the proposed solutions involve API changes?
Yes @carlan1. It is mentioned in the comments column.
Please see the updated file. Fortify_Scan_Results_Assessment_1834_12-5-2023.1.xlsx
Hi @carlan1, please check our comments against each item in the Excel sheet posted by @sarithapillai8 in the above post. We have updated some of the items in staging and a few items are still being worked on. There are some items done by your team which we have marked in the Excel doc. Please review and we can discuss this in our next week's call.
We are currently evaluating the issues in the OAuth HTML. Checking on one solution; we shall update it here as soon as the evaluation is complete.
@carlan1 We have made an update to public/oauth.html. Could you please do the scan again and let us know the status of the updated items?
Fortify_Scan_Results_Assessment_1834_1-16-2024.xlsx Here is the updated scan.
Thanks @carlan1, we shall review.
@carlan1 Please see our comments in attached file. Fortify_Scan_Results_Assessment_1834_1-16-2024.xlsx
In December 2023, we conducted a Fortify CASA scan. There are some potential vulnerabilities flagged by the scan. This scan was conducted on the feature/oauth branch of the LAMP-dashboard repository. We need these vulnerabilities corrected (please make corrections directly to this branch). They are described in the attached Excel file. Fortify_Scan_Results_Assessment_1834_12-5-2023 (1).xlsx