Internet2 Confluence maintenance on Friday March 29 th at 9 p.m EDT. Questions? Contact techsupport@internet2.edu.
Log in
Skip to sidebar
Skip to main content
Linked Applications
Loading…
Internet2 Wiki
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
Grouper
Pages
Blog
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
Grouper Wiki Home
Grouper Administration Guides
Tools & Topics for Ongoing Administration
Grouper Security Issues
Page Information
Title:
Grouper Security Issues
Author:
Michael Hyzer
Jul 28, 2013
Last Changed by:
Chris Hyzer (upenn.edu)
Nov 27, 2023
Tiny Link:
(useful for email)
https://spaces.at.internet2.edu/x/zwVkAg
Export As:
Word
·
PDF
Incoming Links
Grouper (1)
Page:
Grouper Administration Guides
Hierarchy
Parent Page
Page:
Tools & Topics for Ongoing Administration
Children (6)
Page:
Grouper Bug GRP-880 - Deleting an attributeDef can cause incorrect membership deletes
Page:
Grouper Bug GRP-911 and GRP-924 - Unauthorized users can delete attribute assignments
Page:
Grouper Bug GRP-923 WS getGrouperPrivilegesLite can return more data than the user should be able to see
Page:
Grouper Bug GRP-928 - Grouper UI allows unauthorized users to view the privileges of other subjects
Page:
Grouper bug - GRP-5107 - authentication bypass
Page:
GRP 519 - A bug in the Grouper UI allows unauthorized users to view user audit logs by URL manipulation
Labels
There are no labels assigned to this page.
Recent Changes
Time
Editor
Nov 27, 2023 18:27
Chris Hyzer (upenn.edu)
View Changes
Nov 04, 2023 03:59
Chris Hyzer (upenn.edu)
View Changes
Nov 09, 2020 17:42
Chris Hyzer (upenn.edu)
View Changes
May 14, 2020 19:57
Chris Hyzer (upenn.edu)
View Changes
Apr 24, 2019 14:17
Chris Hyzer (upenn.edu)
View Page History
Outgoing Links
External Links (22)
https://bugs.internet2.edu/jira/browse/GRP-2110
https://spaces.at.internet2.edu/display/Grouper/Security+Ad…
https://bugs.internet2.edu/jira/browse/GRP-880
https://spaces.at.internet2.edu/display/Grouper/Grouper+Sec…
https://bugs.internet2.edu/jira/browse/GRP-1222
shibboleth.net/community/lists.html
mailto:grouper-core@internet2.edu
https://bugs.internet2.edu/jira/browse/GRP-1838
https://todos.internet2.edu/browse/GRP-3015
https://bugs.internet2.edu/jira/browse/GRP-519
https://bugs.internet2.edu/jira/browse/GRP-928
https://spaces.at.internet2.edu/display/Grouper/Grouper+Dow…
https://bugs.internet2.edu/jira/browse/GRP-1875
https://bugs.internet2.edu/jira/browse/GRP-911
https://todos.internet2.edu/browse/GRP-2705
https://bugs.internet2.edu/jira/browse/GRP-924
https://spaces.at.internet2.edu/pages/viewpage.action?pageI…
https://bugs.internet2.edu/jira/browse/GRP-923
https://bugs.internet2.edu/jira/browse/GRP-934
https://todos.internet2.edu/browse/GRP-5107
https://bugs.internet2.edu/jira/browse/GRP-1876
https://bugs.internet2.edu/jira/browse/GRP-1227
Grouper (8)
Page:
Grouper UI csrf xsrf prevention
Page:
Grouper Bug GRP-928 - Grouper UI allows unauthorized users to view the privileges of other subjects
Page:
Grouper Bug GRP-923 WS getGrouperPrivilegesLite can return more data than the user should be able to see
Page:
GRP 519 - A bug in the Grouper UI allows unauthorized users to view user audit logs by URL manipulation
Page:
Grouper Bug GRP-880 - Deleting an attributeDef can cause incorrect membership deletes
Page:
Grouper bug - GRP-5107 - authentication bypass
Page:
Externalize and encrypt grouper passwords morphString morph
Page:
Grouper Bug GRP-911 and GRP-924 - Unauthorized users can delete attribute assignments
Overview
Content Tools
{"serverDuration": 93, "requestCorrelationId": "8c5b1e33a3e97a78"}