Hi everyone - this is a notice for the sake of transparency with regard to
a potential security vulnerability.
The Django team released security fixes related to potential SQL
injections. We've audited the Open Zaak code and found no vulnerable code
paths that make this exploitable.
To track this and prevent it in the future, I've created a GitHub issue:
We're delighted to see that OpenZaak now meets 12 out of 15 criteria of the
Standard for Public Code:
Of the remaining criteria, some may already be covered and only need
re-review and discussion, whereas others, like "Use plain English", would
require investing in improving the codebase and documentation.
We would like to hear what ambitions the community has this year to get
movement on meeting the Standard for Public Code.
Jan Ainali, Codebase Steward
jan(a)publiccode.net | +46762122776 | @jan_ainali
Foundation for Public Code https://publiccode.net