On 02/01/13 15:59, Sascha Gresk wrote: > http://www.redmine.org/projects/redmine/wiki/Security_Advisories > > "Mass-assignemnt vulnerability that would allow an attacker to > bypass part of the security checks" > Thanks for the heads up. Would you be interested in helping out by sending a patch or testing a patch if I come up with one? Steve