diff options
| author |   Frédéric Buclin <LpSolit@gmail.com> | 2014-10-06 14:27:01 +0000 |
|---|---|---|
| committer |   David Lawrence <dkl@mozilla.com> | 2014-10-06 14:27:01 +0000 |
| commit | 7b8e0ab40feb210cca2bbe9c83e94bde8b36dec5 (patch) | |
| tree | 7eb32d7e6af4f0d57bf0e4cccb35de70177bd6d3 /token.cgi | |
| parent | Bug 1072490: Release notes for 4.4.6 (diff) | |
| download | bugzilla-7b8e0ab40feb210cca2bbe9c83e94bde8b36dec5.tar.gz bugzilla-7b8e0ab40feb210cca2bbe9c83e94bde8b36dec5.tar.bz2 bugzilla-7b8e0ab40feb210cca2bbe9c83e94bde8b36dec5.zip | |
Bug 1075578: [SECURITY] Improper filtering of CGI arguments
r=dkl,a=sgreen
Diffstat (limited to 'token.cgi')
| -rwxr-xr-x | token.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -309,7 +309,7 @@ sub confirm_create_account { my $otheruser = Bugzilla::User->create({ login_name => $login_name, - realname => $cgi->param('realname'), + realname => scalar $cgi->param('realname'), cryptpassword => $password}); # Now delete this token. |