On 2012-04-06 10:02, Wichert Akkerman wrote:
The dependency graph view of a ticket does not do any permission
checks. This is a security problem on private trac sites since it
creates a channel through which sensitive information about tickets
(existence, dependencies and ticket titles) is
Package: trac-mastertickets
Severity: critical
The dependency graph view of a ticket does not do any permission checks.
This is a security problem on private trac sites since it creates a
channel through which sensitive information about tickets (existence,
dependencies and ticket titles) is
2 matches
Mail list logo
