Professional Documents
Culture Documents
Prasanna
11/27/2020 1.0 Cycle 1 Execution Kolluru Swaroop. Malladi
Defect
S.No Defect Id Test Script Id Module Name Category Severity Priority Defect Description Reported By
Status
Title:
Admin:Settings--General Settings--When we change the Theme,
Audit trail is not recorded
Steps to Reproduce:
1. Login to PRISM and navigate to settings under Admin Module
2. Click o Theme Dropdown and select a value
Freyr PRISM Freyr PRISM V3 0
3. Click on Save button
1 V3.0.0_Defec 0_OQ_Admin_Settings_Module_ Admin Settings Functionality Minor Medium New Srinija G
4. Click on Audit button
tID_001 Scripts
Actual Behaviour:
No Updates to show is displayed mandatory fields
Expected Behaviour:
No Updates to show is displayed
Screenshot:
Please refer Screenshot: PRISM_001
Title:
Admin: Settings--Affiliates--Company is displayed in the success
message when we create New Affiliate
Steps to Reproduce:
1. Login to application and navigate to Settings under Admin module
2. Go to Affiliates
3. Click + Button
Freyr PRISM Freyr PRISM V3 0
4. Enter all details and click save button
2 V3.0.0_Defec 0_OQ_Admin_Settings_Module_ Admin Settings Functionality Major Low New Srinija G
Actual Behaviour:
tID_002 Scripts
Success message saying 'Company created successfully' is
displayed
Expected Behaviour:
success Message indicating 'Affiliate created successfully' should be
displayed
Screenshot:
Please refer Screenshot: PRISM_002
Title:
Products--Manage>Protocol--Protocol Information--When we Edit
record, Fields are not populated with values
Steps to Reproduce:
1. Login to application and navigate to products module
2. Select a investigational product and click manage button
3. Go to Protocol
4. Click + Protocol information
Freyr PRISM Freyr PRISM
5. Enter all details and click save button
4 V3.0.0_Defec V3.0.0_OQ_Products_Module_S Products Module Functionality Major High New Srinija G
6. Click +Protocol information
t_ID_004 cripts
7. Click cancel button
6. Select the created record in step 5 and click Edit from Actions
dropdown
Actual Behaviour:
Values are not populated in Edit page
Expected Behaviour:
values entered in step 5 should be auto-populated
Screenshot:
Please refer Screenshot: PRISM_004
Steps to Reproduce:
1. Login to PRISM and navigate to Products module
2. Select a Investigational product and click manage button
Freyr PRISM Freyr PRISM 3. Go to Protocol
5 V3.0.0_Defec V3.0.0_OQ_Products_Module_S Products Module Functionality Major High New 4. Click + Associate Study Number Srinija G
tID_005 cripts 5. Click Save button after entering values
6. Click + save button without entering any details
Actual Behaviour:
Record created successfully
Expected Behaviour:
Error indicating mandatory fields should be displayed
Screenshot:
Please refer Screenshot: PRISM_005
Title:
Products--Manage--Protocol--Protocol Documents--'Consider for
EVMPD' is not available while adding document but, field is
displayed in Audit window
Steps to Reproduce:
1. Login to application and navigate to Products module
2. Select a investigational product and click manage button
3. Go to Protocol
4. Go to Protocol Documents
Freyr PRISM Freyr PRISM
5. Click +Document button
6 V3.0.0_Defec V3.0.0_OQ_Products_Module_S Products Module Functionality Major Medium New Srinija G
6. Select a document and click Upload
tID_006 cripts
7. Enter all details and click save button
8. Select the created record and click Audit from Actions dropdown
Actual Behaviour:
'Consider for EVMPD' is not available while adding document but,
field is displayed in Audit window
Expected Behaviour:
All the details entered in step 7 should be displayed in Audit window
Screenshot:
Please refer Screenshot: PRISM_006
Steps to Reproduce:
1. Login to application and navigate to Products module
2. Select a Investigational product and click manage button
3. Go to Protocol
Freyr PRISM Freyr PRISM 4. Click +protocol information
7 V3.0.0_Defec V3.0.0_OQ_Products_Module_S Products Module Functionality Major Low New 5. Enter all details and click save button Srinija G
tID_007 cripts 6. Go to Protocol documents
7. Click Show Unlinked documents checkbox
8. Click on Actions dropdown
Actual Behaviour:
Audit option is enabled
Expected Behaviour:
All the options should be disabled
Screenshot:
Please refer Screenshot: PRISM_007
Title:
Products--Able to create duplicate product through cloning process
Steps to Reproduce:
1. Login to application and navigate to products module
2. Click + button
Freyr PRISM Freyr PRISM 3. Enter all details and click save button
8 V3.0.0_Defec V3.0.0_OQ_Products_Module_S Products Module Functionality Major Medium New 4. Select the created record and click clone from actions dropdown Srinija G
tID_008 cripts 5. Enter all details same as entered in step 3 and click save button
Actual Behaviour:
Product created successfully
Expected Behaviour:
Error indicating 'Product already exists' should be displayed
Screenshot:
Please refer Screenshot: PRISM_008
Title:
Application should retrieve all the Application data, Electronic record
Freyr PRISM & Audit log files into application
Freyr PRISM
9 V3.0.0_Defec ERES Functionality Minor Medium New Steps to Reproduce: Gnanendar A
V3.0.0_OQ_ERES_Scripts
tID_009 Back up and restoration steps will be executed in Cycle 2
Screenshot:
NA
Title:
A limitation has been found in the OWASP ZAP tool due to which a
defect has been raised with regards to SQL. But when tried to
replicate the defect by providing values manually the tool was
handling the values as expected (SQL injection may be possible)
Steps to Reproduce:
SQL error is produced by the tool, but manually it is working as
Freyr PRISM expected.
Freyr PRISM
11 V3.0.0_Defec Penetration Testing Security Major High New Actual Behaviour: Ketan D
V3.0.0_Penetration_Test_Scripts
tID_011 High level issues have been identified.
Expected Behaviour:
Application should not have any high level issues.
Screenshot:
Please find the attachment for report.
Additional Information:
NA
Title:
Observed "Remote OS Command Injection" High vulnerablity in ZAP
active scan report.
Steps to Reproduce:
1. Record the applicaiton through ZAP proxy tool.
2. Perform spidering on the recorded site.
3. Perform active scan on the recorded site.
4. Verify the scan progress is 100%
Freyr PRISM 5. Generate HTML report and verify if there any vulnerablites
Freyr PRISM
12 V3.0.0_Defec Penetration Testing Security Major High New observed in the report. Ketan D
V3.0.0_Penetration_Test_Scripts
tID_012 Actual Behaviour:
Observed "Remote OS Command Injection" High vulnerablity in ZAP
active scan report.
Expected Behaviour:
There should not be any vulnerablities in the active scan report.
Screenshot:
N/A
Additional Information:
Report provided in the Pentration cycle folder.
Title:
Observed "Cookie No HttpOnly Flag" Low vulnerablity in ZAP active
scan report.
Steps to Reproduce:
1. Record the applicaiton through ZAP proxy tool.
2. Perform spidering on the recorded site.
3. Perform active scan on the recorded site.
4. Verify the scan progress is 100%
Freyr PRISM 5. Generate HTML report and verify if there any vulnerablites
Freyr PRISM
14 V3.0.0_Defec Penetration Testing Security Major Medium New observed in the report. Ketan D
V3.0.0_Penetration_Test_Scripts
tID_014 Actual Behaviour:
Observed "Cookie No HttpOnly Flag" Low vulnerablity in ZAP active
scan report.
Expected Behaviour:
There should not be any vulnerablities in the active scan report.
Screenshot:
N/A
Additional Information:
Report provided in the Pentration cycle folder.
11/9/2020
11/27/2020
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page:
Fix Implemented:
TIRUMALA RAO K. Verified the code and fixed.
NA
KODUMURI Impacted Code/ Functionality:
"/Login and /Dashboard" page: