[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Summary: POC for CSRF Token (CVE-2019-0235) (was: POC for CSRF Token
(CVE-2019-12425))
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Summary: POC for CSRF Token (CVE-2019-12425) (was: POC for CSRF Token)
> POC for CSRF Tok
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative merged with James's.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative merged with James's.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative merged with James's.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: partyTokenMap.webtools.txt
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Parent: OFBIZ-1525
Issue Type: Sub-task (was: Improvement)
> POC for CSRF Token
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306-alternative.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
"time out
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
"time out
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
"time out
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class (maybe later a JWT with a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: CsrfTokenTransform.java
CsrfTokenAjaxTransform.java
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Description:
CRSF tokens are generated using SecureRandom class.
1) In widget form where a
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> -
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306_Plugins.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: (was: OFBIZ-11306.patch)
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: (was: OFBIZ-11306.patch)
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306-v2.patch
> POC for CSRF Token
> --
>
> Key:
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: (was: OFBIZ-11306.patch)
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-11306:
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-11306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Yong updated OFBIZ-11306:
---
Attachment: OFBIZ-11306.patch
> POC for CSRF Token
> --
>
> Key: OFB
53 matches
Mail list logo