Actions
Bug #6233
closedSecurity issue - consultation seens by others
Start date:
11/21/2023
Due date:
% Done:
0%
Estimated time:
Description
We have security issue :
- Admin can see websocket notification of consultation not sent by him and consultation not in his queue.
- Admin can see on page refresh consultation not in his queue.
- Doctor and Admin can see all opened consultations while he should see only him.
Doctor and Admin should have same behaviour.
Updated by Olivier Bitsch about 1 year ago
- Status changed from In Study to Rejected
Admin can see everything !
Actions