Results 1 to 5 of 5
Like Tree1Likes
  • 1 Post By bishoirizkalla

Thread: proposal security breach!

  1. June 5th, 2016 #1
    bishoirizkalla
    bishoirizkalla is offline
    Thread Starter
    Expired Customer bishoirizkalla's Avatar
    Join Date
    Oct 2015
    Posts
    83
    Thanks
    1
    Thanked 0 Times in 0 Posts

    proposal security breach!

    I have found another major security breach.

    1. one user logs in, and enters his/her proposal amount and delivery time & logs out.
    2. another user logs in - and when clicking on the project to enter his/her proposal - the amount & delivery time of the previous user is already displayed in the proposal amount & delivery time!!

    considering I have switched off the feature to see other amounts, I do not want a user to see what the previous person entered!!!

    this is a security issue and major bug - please fix.

    and for your information - I tried it in both internet explorer & chrome - meaning its got nothing to do with the cache/cookies being saved!

    the first user saved his proposal in chrome....then the next user logged in via IT and the data was displayed!

    - - - Updated - - -

    I just realised it displays the average proposed quote & average delivery time

    can this be switched off??
  2. June 7th, 2016 #2
    dimitris
    dimitris is offline
    dimitris's Avatar
    Join Date
    Oct 2011
    Location
    Earth
    Posts
    20,617
    Thanks
    222
    Thanked 1,873 Times in 1,770 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
  3. June 7th, 2016 #3
    bishoirizkalla
    bishoirizkalla is offline
    Thread Starter
    Expired Customer bishoirizkalla's Avatar
    Join Date
    Oct 2015
    Posts
    83
    Thanks
    1
    Thanked 0 Times in 0 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
  4. June 14th, 2016 #4
    dimitris
    dimitris is offline
    dimitris's Avatar
    Join Date
    Oct 2011
    Location
    Earth
    Posts
    20,617
    Thanks
    222
    Thanked 1,873 Times in 1,770 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
  5. June 14th, 2016 #5
    bishoirizkalla
    bishoirizkalla is offline
    Thread Starter
    Expired Customer bishoirizkalla's Avatar
    Join Date
    Oct 2015
    Posts
    83
    Thanks
    1
    Thanked 0 Times in 0 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
    dimitris likes this.
« nowhere to edit forms | custom colour in child theme »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Add attachment to proposal
    By ronschloss in forum Help Using HireBee
    Replies: 2
    Last Post: April 14th, 2016, 07:07 AM
  2. [SOLVED] Sidebar proposal
    By weiching in forum More Memberships for ClassiPress
    Replies: 0
    Last Post: April 9th, 2015, 05:05 AM
  3. How do you accept a proposal?
    By galena in forum Help Using HireBee
    Replies: 1
    Last Post: January 20th, 2015, 03:59 AM
  4. [SOLVED] delete proposal
    By ixook in forum Report HireBee Bugs
    Replies: 10
    Last Post: January 11th, 2015, 01:40 PM
  5. Is using Jobroller in breach of local employment agency laws?
    By jeffagogo in forum JobRoller General Discussion
    Replies: 8
    Last Post: December 21st, 2011, 04:43 AM