Bug #48: Validate actual file content, not just extension or MIME. - Tingg - Redmine

Actions

Copy link

Bug #48

closed

Epic #25: Malicious File Upload Prevention

Story #28: Block Malicious Filenames (Double Extension, Null Byte, Meta Characters)

Validate actual file content, not just extension or MIME.

Added by rashmita rout about 1 month ago. Updated about 1 month ago.

Status:

Closed

Priority:

Medium

Assignee:

Suman dobriyal

Target version:

Start date:

01/08/2026

Due date:

% Done:

100%

Estimated time:

Work Type:

Bug Fix

Technical Area:

Bug Origin:

Sprint

Customer Impact:

Planned Sprint:

Completed In Sprint:

Spillover Reason:

Deployment Reference URL:

Description

Link:-https://dev.career.techeela.net/application/create

If a corrupted file is changed with acceptable file extension then it should not accept at FE. shell.php renamed as image.jpg bypasses validation.

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Tingg

Custom queries

Bug #48

Validate actual file content, not just extension or MIME.

Updated by Suman dobriyal about 1 month ago

Updated by Suman dobriyal about 1 month ago

Updated by rashmita rout about 1 month ago

Updated by rashmita rout about 1 month ago

Updated by Suman dobriyal about 1 month ago

Updated by rashmita rout about 1 month ago