Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-21435

The Advice description from Security Vulnerabilities section is not complete anymore

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 15.5.4
    • 15.5.3
    • Extension - Security
    • None
    • Windows 11 Pro, Firefox 118, using a local instance of XWiki 15.5.3 on MySQL 8.1, Tomcat 9.0.82
    • Unknown
    • N/A
    • N/A

    Description

      Steps to reproduce

      1. Login as Admin
      2. Install an extension with a known vulnerability (if the case, in order to populate the Security Vulnerabilities Live Data table)
      3. Go to Administer Wiki > Extensions > Security Vulnerabilities
      4. Trigger a new scan
      5. Observe the description from 'Advice' column

      Expected results

      The Advice description for the respective entry is complete, e.g.:

      Once a new version with a fix is available, this extension can be upgraded from the extension manager.

      Actual results

      The Advice description is incomplete:

      Once a new version with a fix is available, this extension can be upgraded from the {0}.

      The issue does not reproduce on XWiki 15.5.2, where the Advice description is different.

      However, on XWiki 15.8, the description is the same as in 15.5.3, but complete (mentioned above on Expected results) where the last 2 words "extension manager" is a link.

      Attachments

        1. Advice_Security_15_5_2.png
          75 kB
          Ilie Andriuta
        2. Advice_Security_15_5_3.png
          64 kB
          Ilie Andriuta

        Activity

          People

            mleduc Manuel Leduc
            iandriuta Ilie Andriuta
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: