We have a number of open XSS and other vulnerability and compliance issues for Cloud VPS projects and/or Toolforge tools. We need to document and communicate what our process is for dealing with these. It's topical as some of these projects are abandoned, many are run by folks with minimal free time, folks who may need a bit of sheparding on what to do, but in the end we cannot allow applications with exploitable issues to remain online indefinitely.
Description
Description
Event Timeline
• chasemp created this task.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 9 2019, 6:04 PM2019-12-09 18:04:55 (UTC+0)
• chasemp moved this task from Incoming to Back Orders on the Security-Team board.Dec 11 2019, 7:22 PM2019-12-11 19:22:49 (UTC+0)
fnegri edited projects, added cloud-services-team; removed cloud-services-team (Kanban).Jan 18 2023, 6:40 PM2023-01-18 18:40:54 (UTC+0)
fnegri moved this task from Unsorted to Security on the Cloud-VPS board.Jul 11 2023, 10:48 AM2023-07-11 10:48:54 (UTC+0)