I've been pointed to them before. But tbh. I don't know what to do about
them. While I would agree that this is not great (and could be fixed),
you'd have much bigger problems if somebody you didn't want to, but had
access to your LMS. See the threads about people's LMS being used after
opening it up to the internet...
LMS has not been designed to be exposed to people you don't want to use
it. These reports are likely the result of someone running a bunch of
standard tests against any web UI they could find. But if he knew a
little about LMS (eg. if somebody was really interested in hacking LMS),
he'd have much more dramatic stuff to report.
Now let's see whether I can fix those "issues" easily.
--
Michael
them. While I would agree that this is not great (and could be fixed),
you'd have much bigger problems if somebody you didn't want to, but had
access to your LMS. See the threads about people's LMS being used after
opening it up to the internet...
LMS has not been designed to be exposed to people you don't want to use
it. These reports are likely the result of someone running a bunch of
standard tests against any web UI they could find. But if he knew a
little about LMS (eg. if somebody was really interested in hacking LMS),
he'd have much more dramatic stuff to report.
Now let's see whether I can fix those "issues" easily.
--
Michael