MantisBT: master-1.2.x c8813734
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master-1.2.x | 2012-12-06 03:39 | master-1.2.x 179bfc01 |
Affected Issues | 0015258: CVE-2013-1811 Reporter can change issue status to 'new' | |||
Changeset | Prevent reporters from changing issue status to 'new' Due to a missing access level check in html_button_bug_update(), in some The code now checks that the user has at least 'update_bug_threshold' Fixes 0015258 |
|||
mod - core/html_api.php | Diff File |