Replies: 3 comments 1 reply
-
|
Thank you for the notification! See the dedicated issue we've created: #3044 (planned in this sprint) |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
We've added the need to have admin permissions to acces the |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
I can still see the users without being logged into the portal.
|
Beta Was this translation helpful? Give feedback.
1 reply
-
|
It wasn't deployed in production already. It has been deployed since. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
It has been verified that the application present at data.gouv.fr is not validating permissions correctly of users.
It is possible for any unauthenticated user to view all users.
Page where the access control failure was identified:
Suggestion:
The application must validate the user's role/position and permissions and ensure that only those with the due permissions.
Beta Was this translation helpful? Give feedback.
All reactions