Project

General

Profile

Actions
Copy link

Feature #36992

closed

redmine computed custom field

Added by ashraf alzyoud about 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Custom fields
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Wont fix

Description

i think this plugin must be by default in core redmine
all users need it

Related issues

Related to Redmine - Feature #1712: add custom fields that are calculations of other fieldsNew2008-07-30

Actions
Actions
Copy link
 #1

Updated by Holger Just almost 2 years ago

  • Related to Feature #1712: add custom fields that are calculations of other fields added
Actions
Copy link
 #2

Updated by Holger Just almost 2 years ago

  • Status changed from New to Closed
  • Resolution set to Wont fix

The plugin (and its various forks) rely on administrators entering raw Ruby code which is then evaluated. This effectively results in the plugin being an unmitigated remote-code-execution vulnerability which goes against the security guarantees of Redmine.

As such, this plugin will never be part of Redmine and I would strongly recommend to not use it anywhere because of the incredible security risks it brings.

Actions
Copy link

Also available in: Atom PDF