MantisBT: master 75568c53
Author | Committer | Branch | Timestamp | Parent |
---|---|---|---|---|
atrol | atrol | master | 2012-06-03 00:53 | master 31d11568 |
Affected Issues | 0014016: CVE-2012-2692 Users with access level >= update_bug_threshold can delete any attachment | |||
Changeset | Additional patch to fix 0014016 First patch to fix the issue introduced access to undefined variable. |
|||
mod - api/soap/mc_issue_attachment_api.php | Diff File |