Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Primary mentor

Isaac Sears

Backup mentor

N/A

Assigned to

N/A

Abstract

Late last year, OpenMRS began collaborating with researchers from North Carolina State University (NCSU) to better secure the OpenMRS Reference Application. NCSU researchers, using cutting-edge security assessment techniques, have identified almost 300 distinct security issues. Many of those issues are relatively low-complexity, requiring one-line patches. This is a great opportunity for students who are interested in software security to get first-hand experience in the field.

Project Champions

Objectives

  1. (First priority) Patch up to 50 XSS vulnerabilities
  2. (Second priority) Implement up to 25 authorization checks where they are lacking
  3. (Third priority) Implement safe exception handling for up to 10 HTTP 500 errors

Extra Credits

  1. Take on responsibility for patching more complex security issues

Skills Required

  1. Javascript, HTML
  2. Java

Skills Recommended

  1. Experience with .jsp and/or .gsp frontend templating languages
  2. Basic knowledge of common web application security vulnerabilities

Resources

  • No labels