Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-4997

Investigate Security Vulnerability in 1.11 API Documentation

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Fully Compatible
    • Dotnet Drivers
    • Not Needed
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?

      • The Info Sec team found a vulnerability in the API docs for our 1.11 version of the driver where they are able to perform cross site scripting 
      • We need to either fix the issue (if its a quick fix) or take this page down (There are no significant active users of this version of the driver)
      • Remove redirect Links pointing to these docs

            Assignee:
            james.kovacs@mongodb.com James Kovacs
            Reporter:
            rishit.bhatia@mongodb.com Rishit Bhatia
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: