CRITICAL Security problem: Another Analytics account's data is visible in my account

Hello Support,

This must be the most serious defect I have spotted on Katalon (Analytics) so far, and it is really a disappointment to see that personal data of another account can be seen in my account.
I understand it is Beta, but this kind of security data spill should not happen with sensitive test data of different projects.
I am using Katalon for 5 months and introduced it in my company with enthusiasm. It is hard for us to keep the same enthusiasm and lobby for Katalon when such a security issue allows me to see details and test data of another tester’s account.

## OS (Windows 8.1 64bit):

## Katalon Studio Version (Katalon Studio Version: 5.3.0 Build: 1)

## Katalon Studio logs:

See attached .log file.

**## Steps to reproduce -
**I have Katalon set up to upload to two different Analytics projects:

  1. team/56/project/498
  2. team/56/project/59

Some uploads of my own executions either appear or are missing in my Analytics account. Instead, other data, of a Linux environment (which I do not have), and gaming project/website (that I have nothing to do with) appear in my Analytics account.

We are still here to support Katalon and help, as you are making a great job, but this needs to be solved as soon as possible.

Thank you,
Cornel Neacsu


Project Settings 2018-02-12 16.17.13.png

Hi @1455-Cornel,

Thank you for reporting this issue back to Katalon Team. Sorry for the technical issue. It has been marked highest priority and being investigated for root cause at the moment. Please bear with us!

Katalon team very much appreciate your support and understanding. We are working hard to improve the products.

Sorry again for any inconveniences,


Thank you for a very important heads-up, we really appreciate it.

The issue is caused by a bug which lets the result from an execution overwrite that from another execution when they are submitted at the very same time. We’ve deployed the fix and this will not happen again. We will also improve our process of code review and testing to prevent similar issues in the future, and introduce more protection layers to secure customers’ data.

There are also other bugs fixed in this release which prevents execution results from being imported, and those executions will end up being blank pages.

We are in the progress to reimport all wrongly parsed executions by all the bugs mentioned above.

Once again, thank you so much for using our products, and your valuable reports. We will try our best to serve you and other users better.


PS: We will remove screenshots showing execution in the original post.