MantisBT: master-2.28 6e58fae4
| Author | Committer | Branch | Timestamp | Parent |
|---|---|---|---|---|
| dregad | community | master-2.28 | 2026-05-06 19:33 | master-2.28 029d9d20 |
| Affected Issues | 0037089: CVE-2026-42070: REST/SOAP mc_issue_update Embedded Note Update Bypasses Note-Level Authorization | |||
| Changeset | Fix Bugnote udpate auth bypass via REST/SOAP API Add a note-level permission check in mc_issue_update() to ensure the Fixes 0037089, GHSA-pq86-j2c2-47f6 / CVE-2026-42070 |
|||
| mod - api/soap/mc_issue_api.php | Diff File | |||
