Ticket #494 (closed Defect: fixed)
security issue
Reported by: | JuergeN | Owned by: | jri |
---|---|---|---|
Priority: | Major | Milestone: | |
Component: | DeepaMehta Standard Distribution | Version: | 4.1 |
Keywords: | Cc: | ||
Complexity: | 3 | Area: | |
Module: |
Description
In Version 4.1 a user can add herself to any workspace. As admin I created a new workspace named 'test'. In test I created a new user named 'testuser'. Then I logged in as testuser and assigned myself to the DeepaMehta workspace. Then I had all permissions to create new users etc.
Change History
Note: See
TracTickets for help on using
tickets.