Uploaded image for project: 'Plugins'
  1. Plugins
  2. CONTRIB-5799

Remove RISK_XSS from capabilities which do not pose such a risk.

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.8.6, 2.9
    • 2.8.7, 2.9.1, 3.0.4
    • Set: Dataform
    • None

    Description

      This is particularly required in entry capabilities since these are granted by default to students and as such generate a warning in the security report.

      Capabilities affected:
      mod/dataform:managefilters
      mod/dataform:manageaccess
      mod/dataform:managenotifications
      mod/dataform:managecss
      mod/dataform:managetools
      mod/dataform:entryearlyadd
      mod/dataform:entrylateadd
      mod/dataform:entryownadd
      mod/dataform:entrygroupadd
      mod/dataform:entryanyadd
      mod/dataform:entryanonymousadd

      Attachments

        Activity

          People

            itamart Itamar Tzadok
            itamart Itamar Tzadok
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              6/Jul/15