Project

General

Profile

Actions
Copy link

Defect #116

closed

svn password in clear text

Added by daniele guerra over 16 years ago. Updated over 16 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

I have found the svn user password in clear text into the html sourco of the projects settings page
(projects/settings/1).

This password is also in clear text into the mysql database.

This is a very critical security bug. Is possible to manage this password in hashing mode (like the admin password)???

Thank you

Related issues

Related to Redmine - Feature #7411: Option to cipher LDAP ans SCM passwords stored in the databaseClosed2011-01-22

Actions
Actions
Copy link

Also available in: Atom PDF