Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | |||||||||||
| 0034492 | |||||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||||
| defect | [Openbravo ERP] A. Platform | minor | always | 2016-11-14 13:46 | 2022-02-01 08:05 | ||||||
| Reporter | caristu | View Status | public | ||||||||
| Assigned To | Triage Platform Base | ||||||||||
| Priority | high | Resolution | open | Fixed in Version | |||||||
| Status | acknowledged | Fix in branch | Fixed in SCM revision | ||||||||
| Projection | none | ETA | none | Target Version | |||||||
| OS | Any | Database | Any | Java version | |||||||
| OS Version | Database version | Ant version | |||||||||
| Product Version | SCM revision | ||||||||||
| Review Assigned To | |||||||||||
| Web browser | |||||||||||
| Modules | Core | ||||||||||
| Regression level | |||||||||||
| Regression date | |||||||||||
| Regression introduced in release | |||||||||||
| Regression introduced by commit | |||||||||||
| Triggers an Emergency Pack | No | ||||||||||
| Summary | 0034492: Review access for the StorePropertyActionHandler class | ||||||||||
| Description | It is possible to set any property at any level (including system level) when invoking StorePropertyActionHandler | ||||||||||
| Steps To Reproduce | In description | ||||||||||
| Tags | security | ||||||||||
| Attached Files | |||||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|
 Relationships |
|
Notes |
|
| There are no notes attached to this issue. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2016-11-14 13:46 | caristu | New Issue | |
| 2016-11-14 13:46 | caristu | Assigned To | => platform |
| 2016-11-14 13:46 | caristu | File Added: curlSetProperty.txt | |
| 2016-11-14 13:46 | caristu | Modules | => Core |
| 2016-11-14 13:46 | caristu | Triggers an Emergency Pack | => No |
| 2016-11-14 13:46 | caristu | Relationship added | related to 0034490 |
| 2016-11-14 17:51 | caristu | Summary | [clustering] StorePropertyActionHandler is unsecure => [clustering] Review access for the StorePropertyActionHandler |
| 2016-11-14 17:51 | caristu | Description Updated | View Revisions |
| 2016-11-14 17:51 | caristu | Steps to Reproduce Updated | View Revisions |
| 2016-11-14 17:51 | caristu | File Deleted: curlSetProperty.txt | |
| 2016-11-14 17:51 | caristu | Summary | [clustering] Review access for the StorePropertyActionHandler => [clustering] Review access for the StorePropertyActionHandler class |
| 2016-11-15 11:14 | caristu | Summary | [clustering] Review access for the StorePropertyActionHandler class => Review access for the StorePropertyActionHandler class |
| 2016-11-16 16:39 | alostale | Relationship deleted | related to 0034490 |
| 2016-12-01 12:18 | alostale | Status | new => acknowledged |
| 2016-12-01 13:20 | alostale | Priority | high => normal |
| 2016-12-01 14:03 | alostale | Priority | normal => high |
| 2016-12-16 14:46 | caristu | Tag Attached: security | |
| 2022-02-01 08:05 | alostale | Assigned To | platform => Triage Platform Base |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |