[jira] [Updated] (NETBEANS-3242) Security flaw in pluginportal's google sign on

Jan Pirek (Jira) Wed, 16 Oct 2019 02:24:01 -0700


     [ 
https://issues.apache.org/jira/browse/NETBEANS-3242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jan Pirek updated NETBEANS-3242:
--------------------------------
    Summary: Security flaw in pluginportal's google sign on  (was: Security 
flaw in google sign on)

> Security flaw in pluginportal's google sign on
> ----------------------------------------------
>
>                 Key: NETBEANS-3242
>                 URL: https://issues.apache.org/jira/browse/NETBEANS-3242
>             Project: NetBeans
>          Issue Type: Bug
>          Components: updatecenters - Pluginportal
>            Reporter: Jan Pirek
>            Assignee: Jan Pirek
>            Priority: Major
>
> Login process should work with google auth token  and backend controller 
> should verify and extract user from token insteas of passed value from client 
> js part of the login which can be altered.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

[jira] [Updated] (NETBEANS-3242) Security flaw in pluginportal's google sign on

Reply via email to