-
Notifications
You must be signed in to change notification settings - Fork 3
Activity 7 Questions
Wyatt Tauber edited this page Nov 24, 2019
·
2 revisions
- Provide a link to the test cases you generated for this activity.
- How would you fix your code so that this issue is no longer present?
This issue was introduced for the purposes of meeting this activity. The issue would be resolved through removing the command parameter from the /addsuser endpoint.
One potential reason for why this parameter would exist is so that a previous developer could have a default command run whenever a new user was added (possibly to send a Slack message, possibly to update logs, possibly to ring a bell - the possibilities are endless) but that our team has "not removed it yet for some reason", creating the vulnerability.
footer