0023175: [security] CVE-2017-12061: XSS in /admin/install.php script (dregad)
0023186: [security] Improve doc and notifications when admin dir is present (CVE-2017-12419) (dregad)
2 of 2 issue(s) resolved. Progress (100%). View Issues
0023179: [security] Login page no longer warns about 'admin' directory being present (dregad)
0023146: [security] CVE-2017-12061: XSS in /admin/install.php script (dregad)
0023181: [administration] Checks on login page are never executed if "admin" dir does not exist (dregad)
0023185: [security] Improve doc and notifications when admin dir is present (CVE-2017-12419) (dregad)
0023166: [security] CVE-2017-12062: XSS in manage_user_page.php (atrol)
5 of 5 issue(s) resolved. Progress (100%). View Issues
0021890: [db oracle] oracle, schema steps 203 204 fails
0021901: [db oracle] oracle, schema steps 209 fails
0021908: [security] Weakened security headers in 2.0.x
0022096: [timeline] My View page without timeline does not respect the $g_my_view_boxes_fixed_position setting
0022097: [ui] Inconsistent handling of collapsed sections between 1.3 and 2.0
0022180: [markdown] Markdown issues following implementation in 0017920
       0022167: [markdown] Markdown: poor handling of legacy multi-level quoted text (joel)
       0022344: [markdown] Markdown mismatches code start/end (joel)
       0022315: [markdown] Markdown converts " to " within code blocks and inline code (joel)
       0022190: [markdown] Markdown markup should be done with CSS classes, not inline styles (joel)
       0022181: [markdown] Markdown different rendering between inline code (single backtick) and ``` blocks (joel)
0016598: [reports] How to show "Category" in the tooltip of graphs?
0021138: [ui] Wrong display of sponsorship section
0021633: [bugtracker] Session id error
0021636: [customization] Summary by Severity and Priority graphs do not honor the customizations
0021678: [upgrade] After upgrade 1.2.19 -> 1.3.1 database structure still out of date.
0021716: [bugtracker] Remove report stay checkbox and always show "Report More Issues"
0021718: [ui] Manage menu plugin-specific pages are not highlighted
0021756: [ui] Confusing scrolling due to multiple scrollbars in main menu
0022192: [markdown] Markdown: provide option to view raw text
0022317: [ui] Empty menu when $g_view_filters = SIMPLE_ONLY;
0022539: [ui] Highlight issue title in the details page
0022189: [markdown] Provide Markdown syntax help
0022104: [ui] My View Page layout misses some boxes
0021376: [db schema] Error in upgrade process 1.2.17 --> 1.3.0
0021694: [ui] inconsistent presentation of required fields
0021712: [filters] No way to filter "negative" for checkbox custom fields
0022245: [ui] collapsed menu entry no clickable in complete visible area
0021113: [plug-ins] EVENT_LAYOUT_PAGE_HEADER no longer available (syncguru)
0022408: [custom fields] Custom field's value logged as changed in history, when it wasn't changed (dregad)
0021813: [ui] Modernize issue tagging user interface and experience (syncguru)
0020540: [attachments] Implement upgrade step to cleanup corrupt disk attachments after db->disk conversion (dregad)
0004454: [filters] 31 February ??? (syncguru)
0008167: [filters] Filter settings saved when using Anonymous account (cproensa)
0012458: [api soap] Problem with HTTP_AUTH and Web Services (rombert)
0017577: [performance] Improve print_user_option_list() performance (dregad)
0017826: [administration] Support disabling per project upload path (vboctor)
0020431: [db schema] Use utf8mb4 charset for new MySQL installations (dregad)
0022001: [api soap] FilterTest::testGetProjectClosedIssues should fail but does not (dregad)
0022291: [time tracking] Issue history box is narrower than other boxes above it on View Issue page (syncguru)
0022469: [time tracking] Enabling Time Tracking distorts View Issue Details page layout. (syncguru)
0022674: [timeline] Support scrolling for Timeline widget (syncguru)
0022839: [authentication] Deprecate MD5 login method and replace with BCRYPT hash (dregad)
0015281: [bugtracker] Consistent user interface for date fields (syncguru)
       0008957: [custom fields] Date Selector for Custom Fields (syncguru)
       0004454: [filters] 31 February ??? (syncguru)
       0021873: [filters] Use datetime picker for date ranges in filter (syncguru)
       0021874: [time tracking] Use datetime picker for date ranges in time tracking (syncguru)
       0015276: [custom fields] Custom field "Date" 31 days every month. (syncguru)
0019964: [authentication] Wrong anonymous rights application (dregad)
0020307: [printing] Print issue page needs to adjust formatting for tags and relationship handler (vboctor)
0020577: [plug-ins] Consistent use of EVENT_UPDATE_BUG_DATA (cproensa)
0020874: [ui] Content Security Policy blocked embedded images added by Chrome Extension (vboctor)
0022464: [custom fields] Loose type comparison can prevent custom field update (dregad)
0022840: [authentication] Don't expire user sessions when updating password hash after login method change (dregad)
0022841: [authentication] Don't truncate password when it exceeds db field size (dregad)
0022842: [code cleanup] Remove php_version_at_least() function from PHP API (dregad)
0023237: [performance] Project cache is not efficient with navbar project selection. (cproensa)
0022919: [time tracking] Time Tracking "auto count" is giving the wrong elapsed time (dregad)
0023227: [ui] When specifiying top_buttons display, the button on update screen has no styling. (atrol)
0021807: [ui] The required fields are not explicitly visible when updating, resolving or closing an issue (community)
0023202: [ui] Questionable order and functionality of top buttons on "View Issue" page (atrol)
0023112: [custom fields] Custom fields badly filtered when multi-projects (cproensa)
0023204: [performance] Unused and inefficient code in function layout_print_sidebar (atrol)
0023184: [bugtracker] AJAX calls with invalid endpoints fail with syntax error (dregad)
0023191: [time tracking] Unable to access time tracking reports (atrol)
0023144: [api rest] Support issue id as part of the path for REST API (vboctor)
0023143: [api rest] Support adding notes via REST API (vboctor)
0023131: [api rest] /api/rest/projects doesn't return child projects (vboctor)
0023139: [api rest] Notes returned by /issues REST API have incorrect timestamps (vboctor)
0023145: [api rest] Support deleting notes via REST API (vboctor)
0023187: [email] Update PHPMailer v5.2.23 to v5.2.24 (vboctor)
0023188: [bugtracker] Update GuzzleHttp from 6.2.3 to 6.3.0 (vboctor)
0023189: [markdown] Update Parsedown 1.6.2 to 1.6.3 (vboctor)
0023190: [code cleanup] Update PhpUnit from 4.8.35 to 4.8.36 (vboctor)
0022913: [email] Update disposable-email-checker to v3.0.1 using Composer (vboctor)
0022939: [code cleanup] Use Parsedown library v1.6.2 via Composer (vboctor)
0022940: [code cleanup] Update PHPMailer from 5.2.22 to 5.2.24 and use Composer (dregad)
0012313: [attachments] Can't open image attachments in browser windows (dregad)
0023159: [ui] Graph display is too faint and blurred (atrol)
0023087: [filters] Removing "Report an issue" permission removes user from Monitoring filter dropdown (atrol)
0023150: [html] Unused code and unused CSS delivered for obsoleted functionality (atrol)
0023141: [html] Unused CSS delivered (atrol)
0023116: [html] Due date field not displayed correctly when editing ticket (community)
0022730: [ui] 'Manage Configuration' tab usually does not highlight (dregad)
0023061: [ui] print_manage_menu() does not highlight active plugin pages (dregad)
0022813: [customization] Field is appearing in email notification but not used in UI. (joel)
0022984: [ui] Calendar doesn't show the correct date the first time it opens (dregad)
0022987: [code cleanup] Replace hardcoded language strings by translatable ones (dregad)
0022967: [ui] Questionable display of "Access Denied" on view_user_page (atrol)
0022981: [ui] Display of hardcoded string on view_user_page if e-mail address is empty (atrol)
34 of 90 issue(s) resolved. Progress (37%). View Issues