[uportal-dev] Close an open redirect vulnerability in the Login servlet issue in 4.1.2

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[uportal-dev] Close an open redirect vulnerability in the Login servlet issue in 4.1.2

ramaprasadm
Hi

Looks like the issue https://apereo.atlassian.net/browse/UP-4737 has not been fixed in portal 4.1.2.  What should be done to fix this in 4.1.2? Any help is appreciated.

Thanks
Malini

--
You received this message because you are subscribed to the Google Groups "uPortal Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/uportal-dev/176f7a22-cffa-4c15-ac81-5389563aed88o%40apereo.org.
Reply | Threaded
Open this post in threaded view
|

Re: [uportal-dev] Close an open redirect vulnerability in the Login servlet issue in 4.1.2

Julien Gribonvald

Hi,

The fix was applied and a new release was done, so upgrade at least to the version 4.1.3 or apply the patch on your version !

I would sugggest that you watch to move on uP 5.x with uPortal-start, on which upgrading to a new version is really really easy !

Thanks,

Julien

Le 16/06/2020 à 00:18, Malini Ramaprasad a écrit :
Hi

Looks like the issue https://apereo.atlassian.net/browse/UP-4737 has not been fixed in portal 4.1.2.  What should be done to fix this in 4.1.2? Any help is appreciated.

Thanks
Malini
--
You received this message because you are subscribed to the Google Groups "uPortal Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/uportal-dev/176f7a22-cffa-4c15-ac81-5389563aed88o%40apereo.org.
--
Julien Gribonvald

--
You received this message because you are subscribed to the Google Groups "uPortal Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/uportal-dev/2b8da73f-4387-48a8-5065-8ca4bb6184ca%40recia.fr.