Uploaded image for project: 'Alfresco'
  1. Alfresco
  2. ALF-20979

Only Share dashboard of a private site has access security check

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Not a bug
    • Affects Version/s: 4.2 Enterprise
    • Fix Version/s: None
    • Component/s: Share Application
    • Security Level: external (External user)
    • Labels:
      None
    • Security Severity:
      Low

      Description

      1) Create new user "rocco"
      2) Create new private site called "test"
      3) Login as user "rocco"
      4) Try to access the URL /share/page/site/test/dashboard -> server error
      5) Try to access the URL /share/page/site/test/site-members -> access is granted

      If you have a custom page on the private site "test", any user who is aware of the URL can access it.

        Attachments

          Activity

            People

            • Assignee:
              closedissues Closed Issues
              Reporter:
              rdonnarumma Rocco Donnarumma
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: