Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Blocker
Fix Version/s: 4.3, 4.2.4, 4.1.6
Affects Version/s: 4.2.3
Component/s: admininterface, security
Labels:
None

Template:
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less
Bug DoR:

show more show less

Under certain conditions it is possible for knowledgeable user to escalate his/her own privileges to more then originally assigned. The "user" in question must be valid user with access to admin central. The issue doesn't affect anonymous user.

Acceptance criteria

is related to

MAGNOLIA-2317 Reading user nodes without having correct privileges assigned

Closed

MAGNOLIA-2318 Default user privileges are not enough for user to change their own preferences

Closed

MAGNOLIA-2320 Remove hardcoded user permission modifications from UserEditDialog

Closed

MGNLSTK-621 Demo users have too many privileges assigned

Closed

mentioned in: Wiki Page Loading...

Assignee:: Jan Haderka

Reporter:: Jan Haderka

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 14/Jan/10 3:41 PM

Updated:: 02/Apr/13 11:57 AM

Resolved:: 15/Mar/10 2:19 PM

Date of First Response:: 12/Mar/10 1:17 PM

Bug DoR

Task DoD

Details

Description

Checklists

Attachments

Issue Links

Activity

People

Dates

Checklists