diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-30 15:26:40 +0200 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-30 16:17:21 +0200 |
| commit | 786f00324f13fc6eb593e62e0a41af12ed7039bb (patch) | |
| tree | 715f2498d5685222671834c874c6d48c73c2ed39 | |
| parent | 0e5fe0b7d2880f0b0a96592698049a614ef01fac (diff) | |
Document OJSI-65 (CVE-2019-1212) vulnerability
Issue-ID: OJSI-65
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I5c3bee06c2b1da3eca2bb583c57decb35b0f32c0
| -rw-r--r-- | docs/release-notes.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 4f954692..fbaf675e 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -37,6 +37,7 @@ We worked on SDK upgrade to integrate with AAF. We partially implemented multi-l *Known Security Issues* * CVE-2019-12317 - Number of XSS vulnerabilities in Portal [`OJSI-15 <https://jira.onap.org/browse/OJSI-15>`_] + * CVE-2019-12122 - ONAP Portal allows to retrieve password of currently active user [`OJSI-65 <https://jira.onap.org/browse/OJSI-65>`_] * In defult deployment PORTAL (portal-app) exposes HTTP port 8989 outside of cluster. [`OJSI-97 <https://jira.onap.org/browse/OJSI-97>`_] * In defult deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_] * In defult deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_] |