git.p6c8.net - jirafeau_mojo42.git/commit

]> git.p6c8.net - jirafeau_mojo42.git/commit

git.p6c8.net / jirafeau_mojo42.git / commit

author	Jérôme <mojo@couak.net>
	Tue, 22 Mar 2016 09:10:42 +0000 (09:10 +0000)
committer	Jérôme <mojo@couak.net>
	Tue, 22 Mar 2016 09:10:42 +0000 (09:10 +0000)
commit	6564589a47862c108fa27f7be51ddf9f52011e80
tree	5f3e62a3dc79293e07e4ae900de64231e6130c21	tree \| snapshot
parent	272ab3a46c93c963d80d4c7a31f7390b7317136a	commit \| diff
parent	c019221848e50ba97456bcf0ad7e4e7d13dd4110	commit \| diff

Merge branch 'master' into 'master'

admin.php: fix authentication bypass vulnerability

An attacker ban bypass the authentication form by passing an array instead of a string (https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#Input_handling). The identity operator should fix the vulnerability.

See merge request !13

Mirror of mojo42's Git repository for the Jirafeau project; main repository at https://gitlab.com/mojo42/Jirafeau

RSS Atom

patrick-canterino.de