Open cmheazel opened 6 years ago
@bpross-52n Can you please check if this issue is solved by https://github.com/opengeospatial/teamengine/pull/515?
Even though the branch for #515 has this issue number in it, the pull request only fortifies against path manipulation. So log forging is not prevented by #515.
Log forging is a vulnerability where a user can write unvalidated content to the log. This is a specific instance of the larger issue of user input validation. Fixes to this issue may also address other issues such as Path Manipulation.