[MGNLDAM-1131] Replace SVGValidator in DAM module for BinaryValidator: 6.2x Created: 02/Mar/23  Updated: 19/Mar/23  Resolved: 16/Mar/23

Status: Closed
Project: Magnolia DAM Module
Component/s: None
Affects Version/s: 3.0.21
Fix Version/s: 3.1.0, 3.0.22

Type: Bug Priority: Neutral
Reporter: Alberto Soto Assignee: Alberto Soto
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: 1h
Time Spent: 1.5h
Original Estimate: Not Specified

Issue Links:
Cloners
is cloned by MGNLDAM-1133 Replace SVGValidator in DAM module fo... Closed
Relates
Template:
Acceptance criteria:
Empty
Task DoD:
[X]* Doc/release notes changes? Comment present?
[X]* Downstream builds green?
[X]* Solution information and context easily available?
[X]* Tests
[X]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[X]* Steps to reproduce, expected, and actual results filled
[X]* Affected version filled
Epic Link: XSS vulnerability over SVG uploads
Story Points: 3
Team: AuthorX
Work Started:

 Description   

Steps to reproduce

  1. Upload linked file to assets using "upload zip file"

Expected results

  1. Only 2 out of 5 files need to be uploaded

Actual results

It uses SVGValidator

Workaround

Development notes

Needs to include the last version from magnolia-core, included in branch 5.7 for BinaryValidator.


Generated at Mon Feb 12 05:06:34 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.