Comment 1 for bug 1872733

Revision history for this message
Jeremy Stanley (fungi) wrote : Re: Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID

Since this report concerns a possible security risk, an incomplete
security advisory task has been added while the core security
reviewers for the affected project or projects confirm the bug and
discuss the scope of any vulnerability along with potential
solutions.