Patch: 1.4.2 events.php permission expansion bug

XMLWordPrintable

    • Type: Incident report
    • Resolution: Fixed
    • Priority: Major
    • 1.4.3
    • Affects Version/s: 1.4.3
    • Component/s: Frontend (F)
    • None

      Not sure what you want in here...

      I don't know the full extent of the bug, but it looks like any user could go to 'events.php' and see any events triggered for any host. Not good.

      Also, it was shoing the groups the host belonged to and not the groups the user was allowed to access.

      http://www.zabbix.com/forum/showthread.php?t=7853

            Assignee:
            Alexei Vladishev
            Reporter:
            Alexei Vladishev
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: