Check view permissions in viewtasks.json.php

Bug #771637 reported by Richard Mansfield on 2011-04-27
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
High
Richard Mansfield
1.3
High
Richard Mansfield

Bug Description

This script is for task pagination when viewing a plans block or plan artefact within the context of a View, but needs to check that the user is allowed to see the View.

CVE References

Ruslan Kabalin (rkabalin) wrote :

The patch looks good to me

visibility: private → public
Changed in mahara:
status: In Progress → Fix Committed
Changed in mahara:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers