Project

General

Profile

Actions
Copy link

Bug #48

closed

Epic #25: Malicious File Upload Prevention

Story #28: Block Malicious Filenames (Double Extension, Null Byte, Meta Characters)

Validate actual file content, not just extension or MIME.

Added by rashmita rout about 1 month ago. Updated about 1 month ago.

Status:
Closed
Priority:
Medium
Assignee:
Suman dobriyal
Target version:
-
Start date:
01/08/2026
Due date:
% Done:

100%

Estimated time:
Work Type:
Bug Fix
Technical Area:
Bug Origin:
Sprint
Customer Impact:
Planned Sprint:
Completed In Sprint:
Spillover Reason:
Deployment Reference URL:

Description

Link:-https://dev.career.techeela.net/application/create

If a corrupted file is changed with acceptable file extension then it should not accept at FE. shell.php renamed as image.jpg bypasses validation.

Actions
Copy link
 #1

Updated by Suman dobriyal about 1 month ago

  • Status changed from New to In Progress
Actions
Copy link
 #2

Updated by Suman dobriyal about 1 month ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by rashmita rout about 1 month ago

  • Status changed from Resolved to Closed
Actions
Copy link
 #4

Updated by rashmita rout about 1 month ago

  • Status changed from Closed to New
Actions
Copy link
 #5

Updated by Suman dobriyal about 1 month ago

  • Status changed from New to Resolved
Actions
Copy link
 #6

Updated by rashmita rout about 1 month ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF