View Issue Details

IDProjectCategoryView StatusLast Update
0000055CaseTalk ManagerApplicationpublic2012-02-02 13:08
Reporterron.nagtegaalAssigned Towobben 
PriorityhighSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version1.0.5 
Summary0000055: Security/Authorisation leak
DescriptionProjectmembers who are authorised as guest, can remove and add projectmembers. This allows them to upgrade their authorization level.
Additional InformationThe functions to change roles are disabled as it should be.
TagsNo tags attached.
CaseTalk Edition

Activities

wobben

wobben

2012-02-02 13:04

administrator   ~0000032

Membership window now also disabled the 'add' and 'delete' buttons for project membership if the current user has no permission to do so.

Issue History

Date Modified Username Field Change
2012-02-02 10:02 ron.nagtegaal New Issue
2012-02-02 12:51 wobben Assigned To => wobben
2012-02-02 12:51 wobben Status new => assigned
2012-02-02 13:04 wobben Note Added: 0000032
2012-02-02 13:04 wobben Status assigned => resolved
2012-02-02 13:04 wobben Resolution open => fixed
2012-02-02 13:07 wobben Description Updated View Revisions
2012-02-02 13:07 wobben Additional Information Updated View Revisions
2012-02-02 13:07 wobben Project ProRail => CaseTalk Manager
2012-02-02 13:08 wobben Category General => Application
2012-02-02 13:08 wobben Fixed in Version => 1.0.5
2012-02-02 13:08 wobben Summary Beveiliging/autorisatieslek => Security/Authorisation leak