[Koha-bugs] [Bug 6653] New: [security] Rotating collections pages can be accessed without being logged in
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Aug 1 11:07:54 CEST 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6653
Bug #: 6653
Summary: [security] Rotating collections pages can be accessed
without being logged in
Classification: Unclassified
Change sponsored?: ---
Product: Koha
Version: master
Platform: All
OS/Version: All
Status: NEW
Severity: critical
Priority: P5
Component: Authentication
AssignedTo: gmcharlt at gmail.com
ReportedBy: katrin.fischer at bsz-bw.de
QAContact: koha-bugs at lists.koha-community.org
CC: dpavlin at rot13.org
Following URLs in staff can be accessed withoug being logged in:
.../cgi-bin/koha/rotating_collections/editCollections.pl
.../cgi-bin/koha/rotating_collections/rotatingCollections.pl
.../cgi-bin/koha/rotating_collections/addItems.pl
.../cgi-bin/koha/rotating_collections/transferCollection.pl
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
More information about the Koha-bugs
mailing list