[NMS-14015] Switch to using a java e-mail library instead of system mail - The OpenNMS Issue Tracker

XML

Word

Printable

Details

Type: Enhancement
Status: Resolved (View Workflow)
Priority: Minor
Resolution: Done
Affects Version/s: None
Fix Version/s: Meridian-2019.1.33, Meridian-2020.1.22, Meridian-2021.1.14, Meridian-2022.1.2, 29.0.9
Component/s: None
Security Level: Default (Default Security Scheme)
Labels:
- security

Story Points:
5
Sprint:
Horizon 22 - Feb 16 - Mar 2, Horizon 22 - Mar 2 - 16

Description

The current MailerServlet uses a system call to /bin/mail to send emails. This is vulnerable to command injection. We should switch to something like Simple Java Mail or Spring email support.

Attachments

Activity

People

Assignee:: Alex May

Reporter:: Alex May

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/Feb/22 4:06 PM

Updated:: 24/Mar/22 3:31 PM

Resolved:: 16/Mar/22 1:32 PM

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.