You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/03/09 03:37:04 UTC
[GitHub] [couchdb] nkev commented on issue #2642: v3.0 Possible security
issue - no login required via http://127.0.0.1:5984
nkev commented on issue #2642: v3.0 Possible security issue - no login required via http://127.0.0.1:5984
URL: https://github.com/apache/couchdb/issues/2642#issuecomment-596316418
I just tried logging out and it said I was logged out (see 1 below) but the `Logout` link at the bottom left did not change to `Login` and I could still access everything (see 2 below) without even changing to 127.0.0.1:
The only thing I have different from a vanilla install is I have an additional admin user called `nuri` that has the same password as the `admin` user.
I uninstalled CouchDB (deleted `app` file in applications) and reinstalled with no luck. Please let me know if you need me to send you any kind of log file (tell me where it is too please).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services