|
Mantis - Quercus
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 1252 | major | always | 07-15-06 19:23 | 07-17-06 16:51 | |
|
|
|||||
| Reporter: | ajiaojr | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 3.0.19 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 3.0.20 | ||
|
|
|||||
| Summary: | 0001252: mantis bt not checking user passwords when they login. | ||||
| Description: |
I did a fresh installation of mantis. As long as I specify the username correctly, I am able to login, what I type in the password field doesn't matter. A fresh installation on apache+mod_php however do require one to specify the correct password. This problem also exist on http://bugs.caucho.com [^] and IMO is a security flaw. |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| There are no notes attached to this issue. |