Bugs item #908522, was opened at 2004-03-02 20:56 Message generated for change (Comment added) made by friderman You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=908522&group_id=22866
Category: Nukes Group: None Status: Open Resolution: None Priority: 5 Submitted By: Frederic P�rez Ordeig (friderman) Assigned to: Nobody/Anonymous (nobody) Summary: possible security issue: anonymous block editing Initial Comment: Not logged-in you can access the blocks menu, and move them around, modify properties etc... You can type the following url: (if you have nukes installed locally of course!) http://localhost:8080/nukes/index.html?module=block&op=main I supposed it's a security error and it's not intedeed. Thank you! Good work! ---------------------------------------------------------------------- >Comment By: Frederic P�rez Ordeig (friderman) Date: 2004-03-02 21:16 Message: Logged In: YES user_id=552879 OOPS just for playing, I tested in jboss.com, it also works! Fix it, anyone can modify the web!!!! ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=908522&group_id=22866 ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
