Closed JonellaCulmer closed 5 years ago
Vulnerabilities found this week:
OPENFEC: Total 2
FEC-EREGS: total 2
FEC-PATTERN-LIBRARY: Total 1
FEC-CMS: Total 2
(2)Prototype Pollution --MEDIUM SEVERITY Vulnerable module: jquery Introduced through: datatables.net-responsive@2.0.1, typeahead.js@0.11.1 and others https://app.snyk.io/vuln/SNYK-JS-JQUERY-174006 https://app.snyk.io/org/fecgov/project/2a97cddb-4b62-4d54-b18f-3b85d55a5e10/?severity=high&severity=medium&severity=low&policy=open&fromGitHubAuth=true create new issue: https://github.com/fecgov/fec-cms/issues/2792
2.requirements.txt 0 None
Account approvals: One open issues - Onboard Jason Upchurch https://github.com/fecgov/fec-accounts/issues/166
Search logs: one user added to cms (for @rfultz to access wagtail, refer to onboard ticket https://github.com/fecgov/fec-accounts/issues/155, this ticket can be closed now)
Cloud.gov Dashboard: 9 deployer accounts, same as last week.
Check logs for sprint 8.5 week 1 done. created three new tickets (one in each FEC-CMS, FEC-PATTERN-LIBRAR, FEC-EREGS) so close this issue.
Log review needs to be completed for Sprint 8.5 (week 1) per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)