[Weak UI/UX] - When starting a discussion, 'Start Discussion' disabled, no obvious reason why #16554
Replies: 1 comment 1 reply
-
|
For those playing at home this is unrelated to my original post, there's no way to communicate on the referenced CVE. @Gauravp-NEC From memory I tried 2.2.x and 2.10.0, the relevant logic for code exec traces back to 2.2.x, there are other issues related to the API that mean that not only is it RCE, it's also (for unrelated reasons) a DoS and Dataset disclosure weakness. CKAN no longer support 2.7.x as far as I can tell, so I would suggest patching regardless. |
Beta Was this translation helpful? Give feedback.
-
|
@YoloClin , Thank you quick response. I apologies for the unrelated post here. I am deleting the post. |
Beta Was this translation helpful? Give feedback.
-
To reproduce:
This caught me, I found myself hacking HTML to understand why I couldn't start a discussion. I didn't see the category drop-down, which is user error but something that could be avoided. A better UX would be a hover message or to let the user click the button and tell them why, or just to remove the disabled flag and let JS validation execute (this looks like it might have behaved like that at some point).
Beta Was this translation helpful? Give feedback.
All reactions