0022373: Reporter can edit other reporter's issues?

ID	Project	Category	View Status	Date Submitted	Last Update
0022373	mantisbt	security	public	2017-02-14 14:43	2017-02-14 14:57

Reporter	j_schultz	Assigned To
Priority	normal	Severity	minor	Reproducibility	always
Status	new	Resolution	open
Product Version	2.1.0

Summary	0022373: Reporter can edit other reporter's issues?
Description	My Mantis instance was configured with the intention that reporters can edit their own issues (description, etc). One of the REPORTER users of my issue tracker notified me that they can edit other users' issues too, and that they cannot remember seeing an edit button before I upgraded our Mantis instance from 1.3.x to 2.1.x, so there is a possible regression / security issue. I reviewed our workflow thresholds and while there is a threshold for "Edit others' notes", there is no equivalent for issues. Is it intentional that a REPORTER can either edit all issues or none? If so, shouldn't there be a setting that a reporter can only edit their own issues?
Tags	No tags attached.