Security Hall of Fame
On this page, we recognize the people who have identified and responsibly disclosed security vulnerabilities to us. Thank you!
| Name | Scope | Vulnerability | Reported Date |
|---|---|---|---|
| Stanislav Kravchenko | dhis2-core | Unclaimed NPM dependencies | 2022-06-16 |
| Michael Kunz | dhis2-core | XSS in user upload images | 2022-01-07 |
| Charles Yang | dhis2-core | XSS via crafted user-agent | 2021-07-23 |
| Kunal Mhaske | dhis2.org | Missing HTML X-Frame-Options | 2021-02-06 |
Vulnerability Policy
You can learn more about the DHIS2 process for reporting and disclosing security vulnerabilities on our Vulnerability Policy page.