Defect #10390: Mass assignment security vulnerability - Redmine

Actions

Copy link

Defect #10390

closed

Mass assignment security vulnerability

Added by John Yani about 13 years ago. Updated about 13 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Code cleanup/refactoring

Target version:

1.3.2

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Fixed

Affected version:

Description

There are many security vulnerabilities in Redmine. Some are not dangerous (such as setting created_on and updated_on fields). Some are (posting news to the project you're not allowed to).

History
Notes
Property changes
Associated revisions

Updated by Jean-Philippe Lang about 13 years ago

Category set to Code cleanup/refactoring
Status changed from New to Closed
Target version set to 1.3.2
Resolution set to Fixed

Actions

Copy link

Also available in: Atom PDF

Project

General

Custom queries

Profile

Redmine

Defect #10390

Mass assignment security vulnerability

Updated by John Yani about 13 years ago

Updated by Jean-Philippe Lang about 13 years ago

Updated by Jean-Philippe Lang about 13 years ago