Skip to content

Security: When the Bitbucket plugin is removed from System Console, all the previous values like OAuth Client, Secret, Encryption Key etc should also be removed #26

Open
Open
Security: When the Bitbucket plugin is removed from System Console, all the previous values like OAuth Client, Secret, Encryption Key etc should also be removed#26
Labels
Difficulty/3:HardHard ticketHelp WantedCommunity help wantedNeeds Mattermost ChangesRequires changes to the Mattermost Plugin tookitType/TaskA general taskUp For GrabsReady for help from the community. Removed when someone volunteers
@jfrerich

Description

@jfrerich
jfrerich
opened on May 25, 2021

From GH Comment: #5 (review)

4) When the Bitbucket plugin is removed from System Console, all the previous values like OAuth Client, Secret, Encryption Key etc should also be removed

Severity: Moderate

Steps:

  • Login as a sysadmin user and install the bitbucket plugin
  • Visit the bitbucket configuration page and enter all the details and save.
  • Now remove the bitbucket plugin.
  • Install the plugin again and visit the bitbucket configuration page.
  • Notice that the values are still being displayed even after being removed.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Difficulty/3:HardHard ticketHelp WantedCommunity help wantedNeeds Mattermost ChangesRequires changes to the Mattermost Plugin tookitType/TaskA general taskUp For GrabsReady for help from the community. Removed when someone volunteers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions