From cc86e1bc247787a6dd28f4604b93e08415ecd4fb Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Tue, 13 Dec 2011 14:26:45 -0800
Subject: Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible
 unauthorized account creation e-mail request [r=mkanat a=mkanat]

---
 createaccount.cgi | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'createaccount.cgi')

diff --git a/createaccount.cgi b/createaccount.cgi
index d0437a021..90530b3c5 100755
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -62,6 +62,11 @@ unless ($createexp) {
 my $login = $cgi->param('login');
 
 if (defined($login)) {
+    # Check the hash token to make sure this user actually submitted
+    # the create account form.
+    my $token = $cgi->param('token');
+    check_hash_token($token, ['create_account']);
+
     $login = Bugzilla::User->check_login_name_for_creation($login);
     $vars->{'login'} = $login;
 
-- 
cgit v1.2.1