View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0030533 | mantisbt | security | public | 2022-06-10 08:54 | 2022-06-24 04:05 |
Reporter | gatis | Assigned To | community | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 2.25.4 | ||||
Target Version | 2.25.5 | Fixed in Version | 2.25.5 | ||
Summary | 0030533: Wrong bugnote_user_edit_threshold value used when checking permissions to edit bugnote | ||||
Description | When bugnote_user_edit_threshold for the project is set lower than the default value in configuration, users with permissions lower than the default bugnote_user_edit_threshold can get proceed to edit the bugnote, but actual editing throws access denied exception. | ||||
Steps To Reproduce |
| ||||
Tags | No tags attached. | ||||
MantisBT: master 9596fdc8 2022-06-15 12:33 Committer: community Details Diff |
Fixed wrong bugnote_user_edit_threshold on update Because there was no check for correct $g_project_override in bugnote_update.php the default value of "bugnote_user_edit_threshold" was used instead of one set for the project. This caused problem that when project had lower user rights setting than the default access denied exception was thrown when editing bugnote. Fixes 0030533, PR https://github.com/mantisbt/mantisbt/pull/1818 |
Affected Issues 0030533 |
|
mod - bugnote_update.php | Diff File | ||
MantisBT: master 0c4ba874 2022-06-15 12:33 Committer: dregad Details Diff |
Fixed wrong bugnote_user_edit_threshold on update Because there was no check for correct $g_project_override in bugnote_update.php the default value of "bugnote_user_edit_threshold" was used instead of one set for the project. This caused problem that when project had lower user rights setting than the default access denied exception was thrown when editing bugnote. Fixes 0030533, PR https://github.com/mantisbt/mantisbt/pull/1818 (cherry picked from commit 9596fdc85260eaf29e04a4d8829f4f6fc0f6c5ed) |
Affected Issues 0030533 |
|
mod - bugnote_update.php | Diff File |