Soumettre #822956: theonedev onedev 15.05 BOPLAinformation

Titretheonedev onedev 15.05 BOPLA
DescriptionIssue 03 — Default Branch Modification Protected Only by WriteCode Risk Summary The REST API for changing project.defaultBranch currently appears to require only WriteCode permission. However, the default branch acts as a project-level control-plane attribute influencing workflow automation, branch selection logic, and default execution targets. The current Web UI already restricts this operation to project-management-level capability, resulting in inconsistent authorization semantics between UI and REST paths.
La source⚠️ https://www.cnblogs.com/aibot/p/19994142
Utilisateur
 Anonymous User
Soumission08/05/2026 08:30 (il y a 1 mois)
Modérer06/06/2026 00:21 (29 days later)
StatutAccepté
Entrée VulDB369020 [theonedev jusqu’à 15.0.5 REST API default-branch project.defaultBranch élévation de privilèges]
Points20

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!