Project

General

Profile

Actions
Copy link

Epic #25

open

Malicious File Upload Prevention

Added by rashmita rout about 2 months ago. Updated about 1 month ago.

Status:
New
Priority:
Medium
Assignee:
Tingg FE
Target version:
-
Start date:
01/05/2026
Due date:
% Done:

22%

Estimated time:
(Total: 0:00 h)
Work Type:
Platform
Technical Area:
Release Narrative:

Description

Objectives:-
Prevent malicious file uploads that could lead to remote code execution, malware propagation, unauthorized access, or system compromise.

Covers:-
1. File extension validation

2. MIME type validation

3. File size restrictions

4. Filename sanitization

5. Server-side enforcement

Subtasks 9 (5 open4 closed)

Story #26: Validate File Extension Using Whitelist NewTingg FE01/05/2026

Actions
Story #27: Restrict File Upload SizeNewTingg FE01/05/2026

Actions
Story #28: Block Malicious Filenames (Double Extension, Null Byte, Meta Characters)NewTingg FE01/07/2026

Actions
Bug #44: Validate actual file content, not just extension or MIME.NewAnkit Tiwari01/07/2026

Actions
Bug #45: Double extension file name should not be acceptable.ClosedSuman dobriyal01/08/2026

Actions
Bug #46: File containing more than single dot should be rejected.ClosedSuman dobriyal01/08/2026

Actions
Bug #47: high risk type files need to restrict to safe the system from attackers.ClosedSuman dobriyal01/08/2026

Actions
Bug #48: Validate actual file content, not just extension or MIME.ClosedSuman dobriyal01/08/2026

Actions
Bug #65: In picture choice and Logo upload section message are showing wrong. In logo section unable to upload anything.NewAnkit Tiwari01/19/2026

Actions
Actions
Copy link
 #1

Updated by rashmita rout about 2 months ago

  • Subtask #26 added
Actions
Copy link
 #2

Updated by rashmita rout about 2 months ago

  • Subtask #27 added
Actions
Copy link
 #3

Updated by rashmita rout about 2 months ago

  • Subtask #28 added
Actions
Copy link
 #4

Updated by rashmita rout about 2 months ago

  • Description updated (diff)
Actions
Copy link
 #5

Updated by rashmita rout about 2 months ago

  • Assignee set to Tingg FE
Actions
Copy link

Also available in: Atom PDF