Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

Ticket #192 (Logout in the Issue Tracker doesn't work properly) created

Simon Repp just discovered this odd behaviour on the Hauptraum Surfstation:

Open the Issue tracker.
Click Login.
You are now logged in as XXXXXXX. (without being asked for or providing any credentials!!)

This should not happen.

Regression:
Firefox in private mode. No cookies are stored, all cookies deleted, firefox quit and reopened. Behaviour is still the same.

Security implication: Allows impersonification, maybe even unfriendly takeover of an account.

Tags: newticket

Don't be the product, buy the product!

Schweinderl