View Issue Details

ID: 0020873
Project: mantisbt
Category: security
View Status: public
Last Update: 2016-05-20 02:06
Reporter: Kyle_Katarn
Assigned To: atrol
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: closed
Resolution: no change required
Product Version: 1.2.19
Summary: 0020873: User hijacking my BT
Description

A simple reporter logged onto my BT and has been able to create issues, using "generate from issue ..." duplicating from one project to another. Issues have been marked as "resolved" on the other projects, with fuzzy version allocation.

Looks like a security flaw?

Tags: No tags attached.

Activities

Kyle_Katarn (reporter), 2016-05-04 16:49, note ~0053063

Issue History
Date Modified Username Field Change
2016-05-02 23:28 user493 New Issue
2016-05-02 23:28 user493 Issue generated from: 0003640

This user first logged onto the board at 2016-05-02 23:21, then got massive entry duplications at 2016-05-02 23:28.

User deleted, and now trying to fix all this mess one by one.

atrol (developer), 2016-05-04 17:53, note ~0053065

Kyle_Katarn,

> Looks like a security flaw?

What do you mean by this?
I just understood from your description that a reporter is able to create an issue, which is a quite normal operation.

The provided information is not sufficient to provide any help in resolving the issue. A complete and detailed description is required for the support team to get a clear understanding of the problem.

Please explain what you do, what are the results you expect to get and what you actually get.

Also provide detailed, step-by-step instructions to reproduce the issue; the additional information listed below may also be useful:

  • Exact version of PHP, Database, Web server, Browser and Operating System
  • Relevant customizations (e.g. changes in config_inc.php, etc.)
  • Installed plugins or custom functions?
  • Was the MantisBT source code modified in any way?

Kyle_Katarn (reporter), 2016-05-04 18:22, note ~0053068

Looks like a malicious case, since 45 issues were created simultaneously. All picked from the 45 latest issues, duplicated onto a single project (correction of my issue description).

Unable to reproduce, I just cleaned the mess.

atrol (developer), 2016-05-04 18:40, note ~0053069

Seems the user was using the "Copy" operation of the "View Issues" page to copy multiple issues in one go.

There will be some options to prevent such operations in 1.3, see 0019261.

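As an added example (not from this thread or the MantisBT project), a small Python detector that scans MantisBT issue-history lines in the format quoted earlier in the report and flags accounts that leave several "Issue generated from" entries within a short window, the trace a bulk Copy from the View Issues page leaves. The sample history lines are constructed; only user493 and the bug numbers come from the thread.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the "<date> <time> <username> <field> <change>" layout
# quoted in the report; alice and bob are made-up baseline users.
SAMPLE_HISTORY = """\
2016-05-02 09:10 alice New Issue
2016-05-02 23:28 user493 New Issue
2016-05-02 23:28 user493 Issue generated from: 0003640
2016-05-02 23:28 user493 New Issue
2016-05-02 23:28 user493 Issue generated from: 0003641
2016-05-02 23:29 user493 New Issue
2016-05-02 23:29 user493 Issue generated from: 0003642
2016-05-03 08:05 bob Issue generated from: 0003600
"""

HISTORY_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (?P<user>\S+) (?P<field>.+)$"
)

def parse_history(text):
    """Yield (timestamp, username, field-change) tuples from history lines."""
    for line in text.splitlines():
        m = HISTORY_RE.match(line.strip())
        if m:
            yield datetime.strptime(m["ts"], "%Y-%m-%d %H:%M"), m["user"], m["field"]

def find_copy_bursts(text, threshold=3, window=timedelta(minutes=10)):
    """Return {username: peak count} for users whose 'Issue generated from'
    entries reach `threshold` inside any `window`-long span, found with a
    sliding window over each user's sorted copy timestamps."""
    copies = defaultdict(list)
    for ts, user, field in parse_history(text):
        if field.startswith("Issue generated from:"):
            copies[user].append(ts)
    flagged = {}
    for user, times in copies.items():
        times.sort()
        start = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:   # drop entries older than the window
                start += 1
            if end - start + 1 >= threshold:
                flagged[user] = max(flagged.get(user, 0), end - start + 1)
    return flagged
```

With the defaults, only user493 is reported; lowering the threshold shows how a single legitimate copy (bob) would start to appear as well.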
Kyle_Katarn (reporter), 2016-05-05 02:57, note ~0053070

OK, thanks!

Kyle_Katarn (reporter), 2016-05-05 02:57, note ~0053071

When will 1.3 get released?

atrol (developer), 2016-05-07 11:13, note ~0053089

There is no hard release date for 1.3.
You could watch our blog or subscribe to the Announcements Mailing List.

https://www.mantisbt.org/blog/
https://www.mantisbt.org/mailinglists.php

Kyle_Katarn (reporter), 2016-05-07 12:19, note ~0053091

But this year? Later?

atrol (developer), 2016-05-07 13:17, note ~0053092

I hope it will be this year.

This project is driven by volunteers working on it in their free time.
Contributors stop contributing, new users start contributing, ...
You never know what will happen.