Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check logs Sprint 12.2 week 2 #4311

Closed
2 tasks done
pkfec opened this issue Apr 17, 2020 · 2 comments
Closed
2 tasks done

Check logs Sprint 12.2 week 2 #4311

pkfec opened this issue Apr 17, 2020 · 2 comments
Assignees
@fecjjeng
Labels
Security: general General security concern or issue
Milestone
Sprint 12.2

Comments

@pkfec
Copy link
Contributor

pkfec commented Apr 17, 2020
edited by fecjjeng

Check logs Sprint 12.2 week 2
@pkfec pkfec added this to the Sprint 12.2 milestone Apr 17, 2020
@pkfec pkfec added the Security: general General security concern or issue label Apr 17, 2020
@fecjjeng
Copy link
Contributor

fecjjeng commented Apr 29, 2020
edited by pkfec

Vulnerabilities:

FEC-CMS: Total 1
package.json: 1
Medium: Cross-site Scripting: fecgov/fec-cms#3698

openFEC: Total 1
requirements.txt: 1
High: Cross-Site Request Forgery (CSRF): #4282

FEC-EREGS: Total 2
package.json: 1
Medium: Cross-site Scripting: fecgov/fec-eregs#487
requirements.txt: 1
High: Cross-Site Request Forgery (CSRF): fecgov/fec-eregs#485

FEC-PATTERN-LIBRARY: Total 1
package.json: 1
Medium: Cross-site Scripting : fecgov/fec-pattern-library#155

Wagtail user account update checks in Kibana logs:
On 04/21/2020: User change: username dgarr by instance dgarr
On 04/27/2020: User change: username jculmer by instance jculmer

check cloud.gov users: Cloud.gov Dashboard: 9 deployer accounts, same as last week.
Offboarding: Nothing to report

@fecjjeng
Copy link
Contributor

Check logs tickets for the next sprint created:
Check logs Sprint 12.3 week 1 #4324
Check logs Sprint 12.3 week 2 #4325

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fecjjeng fecjjeng

Labels
Security: general General security concern or issue
Projects
None yet
Milestone
Sprint 12.2
Development

No branches or pull requests
2 participants
@pkfec @fecjjeng