MantisBT: master b2da7352
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
dregad | dregad | master | 2020-12-06 13:43 | master 9322c8c9 |
Affected Issues | 0027357: Attacker can leak private information via different functionality | |||
0027728: CVE-2020-29604: Full disclosure of private issue contents, including bugnotes and attachments | ||||
Changeset | Prevent full private issue disclosure Missing access check in bug_actiongroup.php allows an attacker with Credits to d3vpoo1 (https://gitlab.com/jrckmcsb) for reporting the issue. |
|||
mod - bug_actiongroup.php | Diff File |