View Issue Details

ID: 0027363
Project: mantisbt
Category: security
View Status: public
Last Update: 2020-12-30 07:37
Reporter: d3vpoo1
Assigned To: dregad
Priority: normal
Severity: minor
Reproducibility: always
Status: closed
Resolution: fixed
Platform: Windows
OS: Windows
OS Version: Windows 10
Product Version: 2.24.3
Target Version: 2.24.4
Fixed in Version: 2.24.4
Summary: 0027363: Fixed in version can be changed to a version that doesn't exist

Description

This allows the manager/admin to set the fixed in version to a random/non-existent version.

Steps To Reproduce
  • Report an issue

  • Select any fixed in version

  • As the admin/manager, resolve the issue

Request

POST /mantisbt-2.24.3/bug_update.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 202
Origin: http://localhost
Connection: close
Referer: http://localhost/mantisbt-2.24.3/bug_change_status_page.php
Cookie: MANTIS_collapse_settings=|sidebar:0; MANTIS_VIEW_ALL_COOKIE=2; MANTIS_PROJECT_COOKIE=4; PHPSESSID=cbumvvjr23fn1g77cr6rm2mae5; MANTIS_secure_session=1; MANTIS_STRING_COOKIE=LwsWpxrreNl7b0Nd_QgozoNHq7DD79adAtpRxn8jYr7X0GTTC2I-6JPNIolIdbCD; MANTIS_BUG_LIST_COOKIE=2
Upgrade-Insecure-Requests: 1

bug_update_token=20200928FfOMMvS8UmTc4EZ_yvb9NEaq7kiNWJgi&bug_id=8&status=80&last_updated=1601259582&resolution=20&duplicate_id=&handler_id=2&fixed_in_version=2.0&bugnote_text=&action_type=change_status

  • Edit the fixed_in_version to any text you want

  • Close the issue

Tags: No tags attached.

Activities

d3vpoo1

2020-09-27 22:29

reporter  

fix.png (14,041 bytes)
random.png (30,319 bytes)

dregad

2020-11-22 18:47

developer   ~0064680

Problem is confirmed.

Will implement extra validation to ensure that only versions defined in the project to which the issue being updated belongs can be used.

Related Changesets

MantisBT: master 14639fe5

2020-12-05 18:02:58

dregad

Validate version fields when updating bug

If a version string is given, make sure it is actually defined in the
issue's project, and trigger error if not.

Fixes 0027363
Affected Issues
0027363
mod - bug_update.php

MantisBT: master 35fdf034

2020-12-29 09:33:20

dregad

Only lookup the version when changed

As suggested by @vboctor during review, there is no point in checking
the version if it has not been modified.

Issue 0027363
Affected Issues
0027363
mod - bug_update.php
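
The validation described in the two changesets above, as an added PHP example that is not MantisBT's own code: a submitted version field is accepted only if it is empty, unchanged, or defined in the issue's own project. The function name, the version table, the project ids and the field names other than fixed_in_version are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample data: version names defined per project id.
const PROJECT_VERSIONS = [
    4 => ['2.24.3', '2.24.4'],
    5 => ['2.0'],
];

// Only fixed_in_version appears in the report; the other names are assumed.
const VERSION_FIELDS = ['version', 'target_version', 'fixed_in_version'];

/**
 * Hypothetical check: one error per version field whose submitted value
 * is not defined in the issue's own project.
 */
function validate_version_fields(int $projectId, array $stored, array $submitted): array
{
    $defined = PROJECT_VERSIONS[$projectId] ?? [];
    $errors = [];
    foreach (VERSION_FIELDS as $field) {
        $new = $submitted[$field] ?? '';
        if (!is_string($new)) {
            $errors[] = "$field: expected a single string value";
            continue;
        }
        // Empty means no version given; an unchanged value needs no lookup.
        if ($new === '' || $new === ($stored[$field] ?? '')) {
            continue;
        }
        // Strict match: loose in_array() would treat numeric strings
        // such as "2.0" and "2.00" as equal.
        if (!in_array($new, $defined, true)) {
            $errors[] = sprintf('%s: version "%s" not found in project %d', $field, $new, $projectId);
        }
    }
    return $errors;
}

// Constructed demo: a trimmed copy of the request body from the report,
// checked against project 4, where "2.0" is defined only in project 5.
parse_str('bug_id=8&status=80&resolution=20&fixed_in_version=2.0', $post);
$errors = validate_version_fields(4, ['fixed_in_version' => ''], $post);
if ($errors !== []) {
    echo implode(PHP_EOL, $errors), PHP_EOL;
    exit(1); // reject before anything is written
}
echo 'update accepted', PHP_EOL;
```

The lookup is scoped to the issue's project rather than to all known versions, so a name that is valid elsewhere is still rejected here.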