Defect #10390: Mass assignment security vulnerability - Redmine

Actions

Copy link

Defect #10390

closed

Mass assignment security vulnerability

Added by John Yani over 12 years ago. Updated over 12 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Code cleanup/refactoring

Target version:

1.3.2

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Fixed

Affected version:

Description

There are many security vulnerabilities in Redmine. Some are not dangerous (such as setting created_on and updated_on fields). Some are (posting news to the project you're not allowed to).

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #10390

Mass assignment security vulnerability

Updated by John Yani over 12 years ago

Updated by Jean-Philippe Lang over 12 years ago

Updated by Jean-Philippe Lang over 12 years ago