fecgov / fecfile-web-api

Back-end API for FECfile application

[Snyk] Investigate and resolve possible Open Redirect vulnerabilities #1170

Open exalate-issue-sync[bot] opened 3 weeks ago

exalate-issue-sync[bot] commented 3 weeks ago

Snyk has identified 4 possible “Open Redirect” vulnerabilities. We need to investigate them and, if necessary, make code changes to resolve the potential issues.

Attached screenshots of the four Snyk findings: image-20241104-213252.png, image-20241104-213313.png, image-20241104-213338.png, image-20241104-213357.png

QA Notes

No code changes

DEV Notes

null

Design

null

See full ticket and images here: FECFILE-1753

exalate-issue-sync[bot] commented 3 weeks ago

Elaine Krauss commented: These “potential vulnerabilities” were found to be non-threatening. We are not redirecting with un-sanitized user input.

exalate-issue-sync[bot] commented 3 weeks ago

Elaine Krauss commented: Warnings have been marked as “Ignored” on Snyk. No code changes have been made.

exalate-issue-sync[bot] commented 2 weeks ago

Todd Lees commented: The mock endpoints are redirecting to user-defined URLs, but they are only used locally and in circle.

The real OIDC endpoints route to system-defined URLs.
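For readers following the distinction above between redirecting to a user-supplied URL and redirecting only to system-defined ones, here is an added example (not code from the fecfile-web-api project) of an allowlist check that a redirect endpoint can apply before honouring a caller-supplied target. `ALLOWED_REDIRECT_HOSTS`, `is_safe_redirect` and `resolve_redirect` are hypothetical names, and the host `app.example.gov` is a constructed placeholder, not one of the project's real hosts.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration; the project's real hosts are not on the page.
ALLOWED_REDIRECT_HOSTS = {"app.example.gov"}


def is_safe_redirect(url: str, allowed_hosts=ALLOWED_REDIRECT_HOSTS) -> bool:
    """Return True only if url is a same-site path or an https URL to an allowlisted host.

    Anything else (other schemes, other hosts, protocol-relative or backslash
    forms that browsers treat as a new host) is rejected so the caller falls
    back to a system-defined destination.
    """
    if not url:
        return False
    url = url.strip()
    # Control characters are stripped by some URL parsers, which can hide a host.
    if any(ord(c) < 0x20 for c in url):
        return False
    # "//host" is protocol-relative and "/\host" is normalised to "//host" by browsers.
    if url.startswith(("//", "/\\", "\\")):
        return False

    parts = urlsplit(url)
    if not parts.scheme and not parts.netloc:
        # Purely relative reference such as "/dashboard?tab=1": stays on this site.
        return parts.path.startswith("/")
    if parts.scheme.lower() != "https":
        # Covers http:, javascript:, data: and any scheme-looking prefix.
        return False
    # hostname ignores userinfo, so "https://good@evil" resolves to "evil" and is rejected.
    return parts.hostname in allowed_hosts


def resolve_redirect(requested: str, fallback: str = "/") -> str:
    """Pick the redirect target: the requested URL if it passes the check, else a fixed fallback."""
    return requested if is_safe_redirect(requested) else fallback


if __name__ == "__main__":
    for candidate in ["/dashboard?tab=1", "//evil.example/", "https://app.example.gov/cb",
                      "https://app.example.gov@evil.example/", "javascript:alert(1)"]:
        print(f"{candidate!r:45} -> {resolve_redirect(candidate)}")
```

Django applications have the same check built in as `django.utils.http.url_has_allowed_host_and_scheme`; the standalone version here is only so the logic can be read and run without the framework. Wiring the mock endpoints through a check like this keeps their behaviour the same in local and CI runs while removing the difference that the scanner flagged.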

exalate-issue-sync[bot] commented 2 weeks ago

Todd Lees commented: Passes CR, moving to QA.

exalate-issue-sync[bot] commented 2 weeks ago

Todd Lees commented: Ticket required no changes to code.

exalate-issue-sync[bot] commented 2 weeks ago

Shelly Wise commented: Per DEV, no code review changes to this ticket. No QA review needed.

Moved to Stage Ready.