Uploaded image for project: 'Plugins'
  1. Plugins
  2. CONTRIB-5799

Remove RISK_XSS from capabilities which do not pose such a risk.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 2.8.7, 2.9.1, 3.0.4
    • 2.8.6, 2.9
    • Set: Dataform
    • None

      This is particularly required in entry capabilities since these are granted by default to students and as such generate a warning in the security report.

      Capabilities affected:
      mod/dataform:managefilters
      mod/dataform:manageaccess
      mod/dataform:managenotifications
      mod/dataform:managecss
      mod/dataform:managetools
      mod/dataform:entryearlyadd
      mod/dataform:entrylateadd
      mod/dataform:entryownadd
      mod/dataform:entrygroupadd
      mod/dataform:entryanyadd
      mod/dataform:entryanonymousadd

            itamart Itamar Tzadok
            itamart Itamar Tzadok
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.