Vulnerabilities#

All known vulnerabilities are listed here so user’s can be aware of them and possibly avoid them.


Reporting#

Vulnerabilities should be reported using issues. To submit a private report, please send it to us via email: support@ds-wizard.org. Vulnerability issues are the top priority and resolved in the shortest time possible:

  1. Accept vulnerability issue report (GitHub or email)

  2. Verify and reproduce the issue, classify severity

  3. Publish as known vulnerability

  4. Design solution

  5. Implement the change and release a hotfix

  6. Move to solved vulnerabilities


Known Vulnerabilities#

No vulnerabilities has yet been found or reported.


Solved Vulnerabilities#

No vulnerabilities has yet been found or reported.


Basic Hints for Security#

  • Change or remove default users

  • Adjust default role after registrations based on your needs

  • Provide DSW through proxy with HTTPS (both client and server application)

  • Backup data regularly (e.g. daily)

  • Use secured SMTP (SSL)

  • Use strong passwords, esp. for administrator accounts