mahara-contributors team mailing list archive
-
mahara-contributors team
-
Mailing list archive
-
Message #09336
[Bug 1016253] Re: Authenticated RSS feeds should encrypt login credentials
** Changed in: mahara
Status: New => Triaged
** Changed in: mahara
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1016253
Title:
Authenticated RSS feeds should encrypt login credentials
Status in Mahara ePortfolio:
Triaged
Bug description:
The externalfeed block should protect user credentials when
authenticated RSS feeds are used. The blocktype in Mahara 1.5.1
appears to store login credentials in cleartext within the database.
This presents an unfortunate vulnerability that could give access to
other systems should Mahara's database be compromised.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1016253/+subscriptions
References