[jira] [Commented] (NETBEANS-3242) Security flaw in pluginportal's google sign on

Jira Fri, 18 Oct 2019 09:44:46 -0700


    [ 
https://issues.apache.org/jira/browse/NETBEANS-3242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16954794#comment-16954794
 ]


Jiří Kovalský commented on NETBEANS-3242:
-----------------------------------------

[~matthiasblaesing]can you please verify this and close the ticket then? Thanks!

> Security flaw in pluginportal's google sign on
> ----------------------------------------------
>
>                 Key: NETBEANS-3242
>                 URL: https://issues.apache.org/jira/browse/NETBEANS-3242
>             Project: NetBeans
>          Issue Type: Bug
>          Components: updatecenters - Pluginportal
>            Reporter: Jan Pirek
>            Assignee: Jan Pirek
>            Priority: Major
>
> Login process should work with google auth token  and backend controller 
> should verify and extract user from token insteas of passed value from client 
> js part of the login which can be altered.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

[jira] [Commented] (NETBEANS-3242) Security flaw in pluginportal's google sign on

Reply via email to