Andrea Patricelli created SYNCOPE-1064:
------------------------------------------
Summary: Impropve security of customization mechanism
Key: SYNCOPE-1064
URL: https://issues.apache.org/jira/browse/SYNCOPE-1064
Project: Syncope
Issue Type: Improvement
Components: enduser
Affects Versions: 2.0.2
Reporter: Andrea Patricelli
Fix For: 2.0.3, 2.1.0
A smart and malicious user could "hack" angularjs frontend components and send
info that is not allowed to create/edit.
Solve this by checking info on server side against form customization JSON.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
