Project

General

Profile

Actions

Defect #37171

closed

Ability to change the issue category or issue target version with nonexistent value for the specific project

Added by Nikola Milanov over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
High
Category:
Security
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

Hi there,
I found a way to change category with nonexistent ID for the specific project.
I will try to explain it in more details (the user making the change has access to the project)
1. User start editing the ticket (click "Edit" button)
2. Right click on Category field and choose "Inspect" (Developer's tool)
3. Then we change the value of the category to one that is not in the project
4. Click "Submit" button and we save the ID of category that not exist for the specific folder.

Is there any way to make to verify that this category is in the project to avoid this kind of changes?

Cheers


Files

Actions

Also available in: Atom PDF