Hello,
There is a security vulnerability in the way senaite.astm communicates with senaite.core.
senaite-astm-server --listen 0.0.0.0 --port 10001 --url http://admin:mypassword @172.16.50.8:8080/seniate --consumer senaite.core.lis2a.import --message-format json
The user credentials are displayed in the URL, making them visible in process listings (ps aux), logs, etc. HTTP is also a problem.
Is there any alternative to this?