security
Hi everybody recently we have found that when creating a user, Nuxeo allows you to set some fields like firstName or lastName with HTML code. See examples below: curl -X POST -H "Content-Type: application/json" -u Administrator:Administrator -d '{ ...
2 votes
2 answers
7 comments
3806 views
I have found a serious security vulnerability in Nuxeo. How do I report it privately?
0 votes
1 answers
0 comments
1894 views
Is there a way to manage access rights on files and not only on a folders . I have implemented an Operation allowing me to grant or deny permissions, but it only works if the document is a folder or a workspace. If the path of the document points ...
0 votes
2 answers
0 comments
1881 views
Bonjour Je viens d'installer la dernière version de Nuxeo DM 5.4.2, tout c'est bien passé pendant l’installation (enfin je crois, je suis vraiment une débutante qui n'y connaît pas grand chose !). Mais quand je veux me connecter avec ...
0 votes
1 answers
1 comments
5362 views
We have a messy AD where not all email addresses are in lower case. Some are capitalized and some are not. Because of this, a user may login with USer@acme.com or user@acme.com . I see in the ACLS table that the permissions are stored both ways, ...
0 votes
1 answers
9 comments
2669 views
I was wondering if PHP Automation Client allows ACL requests or not? I need to know all the users with Write Permission on a document and I used following code but no joy! <?php $x=""; $id = "8f488a16-7683-465e-9cce-03016f818622"; //ID of the ...
0 votes
2 answers
1 comments
2536 views
I cannot see the browse permission in my nuxeo DM, is it a feature of another version? or do i have to create that permission, and if that is the case, how can i create that permission and where? i want to grant a browse permission to a specific ...
1 votes
3 answers
0 comments
3122 views
If the Administrator can “manage everything”, why are MS Word or MS PowerPoint documents always opened in “read-only” mode. How do we change this?
0 votes
1 answers
0 comments
1645 views
Can the user request a password reset automatically?
0 votes
1 answers
0 comments
1933 views
Is there an encryption capability in Nuxeo or would it be better to work with filesystem encryption features?
0 votes
2 answers
1 comments
2872 views
Can Nuxeo create a one time link such that once a file is downloaded the link becomes invalid (or it could be time limited as well perhaps as an alternative solution) ?
0 votes
1 answers
0 comments
1592 views