Vote #71467
完了Mass assignment security vulnerability
開始日:
2022/05/09
期日:
進捗率:
0%
予定工数:
Redmineorg_URL:
category_id:
30
version_id:
42
issue_org_id:
10390
author_id:
23638
assigned_to_id:
0
comments:
3
status_id:
5
tracker_id:
1
plus1:
0
affected_version:
closed_on:
affected_version_id:
説明
There are many security vulnerabilities in Redmine. Some are not dangerous (such as setting created_on and updated_on fields). Some are (posting news to the project you're not allowed to).
journals
Discussions:
http://www.redmine.org/boards/1/topics/29360
http://www.redmine.org/boards/2/topics/29343
--------------------------------------------------------------------------------
All actions for non-admin users should now be fixed.
--------------------------------------------------------------------------------
Please next time submit security issues to security at redmine dot org as requested on [[SubmittingBugs]].
--------------------------------------------------------------------------------
Admin Redmine さんが3年以上前に更新
- カテゴリ を Code cleanup/refactoring_30 にセット
- 対象バージョン を 1.3.2_42 にセット
いいね!0