You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2018/05/22 11:39:13 UTC
[GitHub] qin4zhang opened a new issue #5054: Security vulnerability for
0.25.0
qin4zhang opened a new issue #5054: Security vulnerability for 0.25.0
URL: https://github.com/apache/incubator-superset/issues/5054
Make sure these boxes are checked before submitting your issue - thank you!
- [ ] I have checked the superset logs for python stacktraces and included it here as text if any
- [ ] I have reproduced the issue with at least the latest released version of superset
- [ ] I have checked the issue tracker for the same issue and I haven't found one similar
### Superset version
0.25.0
### Expected results
Common users with Gamma could't get user list, when they reach ip:port/users/list/.
### Actual results
Common user with Gamma remember the url ip:port/users/list/,they can reach the url ,then edit users role to get Admins.
### Steps to reproduce
1. Login in common user with Gamma role.
2. Reach url ip:port/users/list/
3. Choosing the user, edit the role to Admin. Get it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org