Skip to content

Releases: UnicisTech/unicis-platform-ce

[Security] 2024-25-08

25 Aug 19:53
@stepcellwolf stepcellwolf
v2024-25-08
ecf238a
Compare
Choose a tag to compare
[Security] 2024-25-08 Latest
Latest

Release date: 2024-25-08

Security fixed and patched vulnerabilities from pentest report per severity:

High: API accessible without authentication
Medium: No rate limit on forgot password request
Medium: No account lockout implementation
Low: When an unexpected input was supplied to the API
Low: Cookie lacks HTTP-Secure attribute
Low: Excessive info disclosure
Low: Clickjacking on login page
Low: HSTS header missing from response
Check for excessive information disclosure in API response (OWASP A01-Broken Access Control)

Link: https://www.unicis.tech/docs/platform/unicis-platform-changelog
Blogpost: https://www.unicis.tech/blog/unicis-platform-2024-pentest-security-update

Assets 2
Loading

[Beta2] 2024-07-01

02 Jul 17:25
@stepcellwolf stepcellwolf
2024-07-01
0b3ec46
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
[Beta2] 2024-07-01

Release date: 2024-07-01

  • Tasks, Breadcrumbs
  • Dashboard
    • Tasks
      • Total number of tasks
      • Pie chart per status
    • Record of processing activities:
      • Total number of records
      • Total number of enabled data transfer
      • Total number per Country
    • Transfer Impact Assessment
      • Total number of assessment
      • Total number of assessments per country (only the listed countries)
      • Number per authorizations: PERMITTED and NOT PERMITTED
    • Cybersecurity Controls (only for selected control)
      • Total number of controls
      • Pie chart
      • Spider chart
  • Billing
  • Bug fix
  • npm audit fix
Assets 2
Loading