You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
src/SubmitDatasetHandler/cgi-bin/SubmitDatasetConfirmationHandler.py doesn't check permissions on the directory to be packaged and sent to DataBank. It is fairly trivial to use something like Firebug to edit the path to be packaged.
This would lead to a user being able to access other users' private files by submitting them to a repository and then retrieving them from there.
The text was updated successfully, but these errors were encountered:
src/SubmitDatasetHandler/cgi-bin/SubmitDatasetConfirmationHandler.pydoesn't check permissions on the directory to be packaged and sent to DataBank. It is fairly trivial to use something like Firebug to edit the path to be packaged.This would lead to a user being able to access other users' private files by submitting them to a repository and then retrieving them from there.
The text was updated successfully, but these errors were encountered: