Bugs found in Osano SaaS: QAwerk Bug Crawl
Osano is a SaaS platform designed to ease the lives of businesses in terms of compliance with a never-ending array of privacy and data protection laws. Whether you need to follow the EU GDPR or the California CPA while constantly monitoring the latest policy changes, Osano has got you covered. Moreover, Osano addresses compliance issues in their full entirety. With this software, companies get to establish proper consent management on their websites, handle data subject access requests as required by law, and hire a GDPR representative instead of maintaining a physical presence in the EU. With Osano, you’ll be more aware of vendor risks and how to monitor them, you’ll be alerted of any policy changes so many vendors forget to announce, and informed of the consequences they entail. The vendor risks are not limited to policy updates; therefore, Osano also monitors if your vendors follow all the required protocols and warns you beforehand. Keeping up with all the new legislation in different countries seems like a daunting task for many brands, especially smaller ones that cannot afford a compliance team’s services. However, litigation processes because of privacy violations may be much more expensive, and that’s where Osano steps in. They do all the hard work by continuously monitoring international, federal, and state legislatures for new laws and then get back to you with clear-cut info on how these regulations can impact your business.
We have various SaaS products in our portfolio; however, we haven’t tested a data privacy platform until now. Stay tuned if you’d like to know the issues we found.
The user is able to remove admin’s rules for themself
Severity:
Critical
Steps to Reproduce:
- Go to https://www.osano.com/.
- Sign in to the platform.
- Click on Account – Users.
- Choose an admin – Set its Department.
- Remove the admin role and set any other – Save – Dashboard.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The only user registered has lost the admin role.
Expected Result:
The option to remove admin roles is disabled if there is a single user registered.
The added verified phone number is missing on the billing page
Severity:
Major
Steps to Reproduce:
- Go to https://www.osano.com/.
- Sign up to the platform.
- Click on Account – Account – Security.
- Check an added verified phone number for SMS Authentication.
- Click on Privacy Laws – Upgrade now.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The phone input is empty.
Expected Result:
The phone input displays the verified phone number, the same as in SMS Authentication.
First / Last name validation is missing
Severity:
Minor
Steps to Reproduce:
- Go to https://www.osano.com/.
- In the December 28 article, click on “Clicking here”.
- Set the invalid 1st and last names in the form.
- Fill in all fields, mark the checkboxes – Submit.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The page “Thanks for your interest! We’ll be in touch soon” shows up.
Expected Result:
“An invalid first and last name” message pops up.
The “Update” button is active before the user makes any changes
Severity:
Minor
Steps to Reproduce:
- Go to https://www.osano.com/ and click on Sign up for free.
- Go through all steps until Activate My Account modal.
- Click on any of two Edits.
- Without making any changes, click on Update.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The “Update” button is active before the user makes any changes.
Expected Result:
The “Update” button is not active before the user makes any changes.
400 Error while changing First / Last names in Account settings
Severity:
Minor
Steps to Reproduce:
- Go to https://www.osano.com/.
- Sign in to the platform.
- Click on Account – Account.
- Change the name and check the red hint.
- Open the Dev Tools and check the Network/Console tabs.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
400 Error appears though the name is changed successfully.
Expected Result:
The name is changed without any errors.
Multi-select to the Roles dropdown is missing
Severity:
Minor
Steps to Reproduce:
- Go to https://www.osano.com/.
- Sign in to the platform.
- Click on Account – Users.
- Choose any user – Set the roles.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The user is able to choose only 1 role in a row and has to open the drop-down again and again to add other roles.
Expected Result:
The user is able to add multiple roles at a time.
The input placeholder gets overlapped when the user hovers over the drop-down option
Severity:
Minor
Steps to Reproduce:
- Go to https://www.osano.com/.
- Sign in to the platform.
- Click on Account – Users.
- Choose any user – click on the Department input to get the auto-select dropdown.
- Set the cursor on any option from the dropdown.
Environment:
MacBook Pro 15” 2016 +
macOS Big Sur 11.1
Google Chrome 87.0.4280.88
Actual Result:
The input placeholder gets overlapped when the user hovers over the drop-down option.
Expected Result:
The input placeholder is displayed below the drop-down option with no overlapping.
Osano is an easy-to-use data privacy platform. It allows making a website compliant with CCPA, GDPR in a matter of minutes and enables monitoring all of your vendors’ privacy practices. While working with the platform, I found a couple of serious issues. For instance, a single user should not have an option to remove admin roles, and if the phone number is already added and verified, it should be automatically pulled into the input field of the billing page. I also stumbled across missing validations and a couple of minor UI issues.
