Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix security issues #75

Open
kelson42 opened this issue Dec 15, 2022 · 1 comment
Open

Fix security issues #75

kelson42 opened this issue Dec 15, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@kelson42
Copy link
Collaborator

  • [critical] Remote code execution on metrics.kiwix.org: metrics.kiwix.org hosts a vulnerable Kibana instance which may lead to full website compromise. Suggested Fix: Upgrade “Kibana” software to mitigate this vulnerability
  • [medium] open redirect on metrics.kiwix.org: metrics.kiwix.org does not properly check the request and may redirect legitimate
    users to phishing or malicious websites with a URL like https://metrics.kiwix.org//evil.com/*
@kelson42 kelson42 added the bug Something isn't working label Dec 15, 2022
@kelson42
Copy link
Collaborator Author

@rohitmishra666 Honestly this is a pretty big and complicated job. I you are somekind of senior or/and know the platform used there, glat do get your help, otherwise I would not recommend to put your nose in this ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kelson42