View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0013736 | mantisbt | security | public | 2012-01-07 16:21 | 2014-09-23 18:05 |
Reporter | rombert | Assigned To | rombert | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Target Version | 1.2.9 | Fixed in Version | 1.2.9 | ||
Summary | 0013736: mc_issue_get_id_from_summary incorrectly checks for permissions | ||||
Description | mc_issue_get_id_from_summary. It does not take into account whether the issue is private and as a result will always reveal whether or not a private issue with a specified summary exists -- even if the user does not have permission to know about private issues. | ||||
Tags | No tags attached. | ||||
MantisBT: master-1.2.x 35aed248 2012-03-03 09:38 Details Diff |
Correct access checks in mc_issue_get_id_from_summary Fixes 0013736: mc_issue_get_id_from_summary incorrectly checks for permissions |
Affected Issues 0013736 |
|
mod - api/soap/mc_issue_api.php | Diff File | ||
MantisBT: master 4dd69a55 2012-03-03 09:41 Details Diff |
Correct access checks in mc_issue_get_id_from_summary Fixes 0013736: mc_issue_get_id_from_summary incorrectly checks for permissions |
Affected Issues 0013736 |
|
mod - api/soap/mc_issue_api.php | Diff File |