MantisBT: master fc7668c8
| Author | Committer | Branch | Timestamp | Parent |
|---|---|---|---|---|
| atrol | dregad | master | 2019-08-28 01:39 | master-2.22 a7413daa |
| Affected Issues | 0026091: CVE-2019-15715: [Admin Required - Post Authentication] Command Execution / Injection Vulnerability | |||
| Changeset | Prevent arbitrary shell command execution Prior to this, Administrators were able to edit 'dot_tool' and These can now only be set in the config_inc.php file. Fixes 0026091, CVE-2019-15715 Signed-off-by: Damien Regad dregad@mantisbt.org Original commit message reworded, added CVE reference. |
|||
| mod - config_defaults_inc.php | Diff File | |||
