search

FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io
90 stars 12 forks source link

Mask potentially sensitive values when writing to the audit log in the admin UI #2623

Closed robotdan closed 4 months ago

robotdan commented 5 months ago

Mask potentially sensitive values when writing to the audit log in the admin UI

Description

Ensure we are masking or removing sensitive information when writing to the audit log.

Related

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

Release notes

The audit log captures actions taken by users in the FusionAuth admin application. There were cases when sensitive information could be included in forms, and subsequently logged to the audit log. Form fields that can contain sensitive information now have their values masked when written to the audit log.

robotdan commented 5 months ago

Internal:

lyleschemmerling commented 5 months ago

Internal: