search

NASA-PDS / portal-tasks

PDS Portal tasks repo used to track update requests for the website. Actual code and website are managed in separate private repo
https://pds.nasa.gov
0 stars 0 forks source link

Fix coldfusion vulnerability identified by ITSD #84

Closed jordanpadams closed 1 year ago

jordanpadams commented 1 year ago

Checked for duplicates

No - I haven't checked

🐛 Describe the bug

See ITSD report.

🕵️ Expected behavior

I expected no vulnerability

📜 To Reproduce

See ITSD report.

🖥 Environment Info

No response

📚 Version of Software Used

No response

🩺 Test Data / Additional context

No response

🦄 Related requirements

No response

⚙️ Engineering Details

No response

jordanpadams commented 1 year ago

ColdFusion has been patched and this has been fixed

jordanpadams commented 1 year ago

See email referencing "VDP-081" confirming closeout of issue on 8/28/23.

tloubrieu-jpl commented 1 year ago

@jordanpadams is that something I&T can check ? If yes how ?

jordanpadams commented 1 year ago

@tloubrieu-jpl No. This was a scan by IT Security. No idea how to replicate this scan

jordanpadams commented 1 year ago

Rationale for i&t.skip label ☝️