Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-5239

No authorization checks when creating/saving/reading task attachments

XMLWordPrintable

    • Icon: Bug Report Bug Report
    • Resolution: Unresolved
    • Icon: L3 - Default L3 - Default
    • None
    • 7.3.0, 7.4.0
    • engine
    • None

      Authorization checks should be performed based on the related task resource.

      Note that attachments are stored in the history tables and therefore not coupled to the lifetime of the runtime task entity.

      Forum post: https://groups.google.com/forum/#!topic/camunda-bpm-users/WWQyHusFZ9k

        This is the controller panel for Smart Panels app

              Unassigned Unassigned
              thorben.lindhauer Thorben Lindhauer
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: