diff options
author | Reed Loden <reed@reedloden.com> | 2012-05-29 08:22:31 -0700 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2012-05-29 08:22:31 -0700 |
commit | 038df43c5a3d51bd66772a7df7e6403eebe1b913 (patch) | |
tree | b9448e83097d8621f9552a883c213e7e99e4ea05 /buglist.cgi | |
parent | 9245e5ca7bab659a00bf301f3db22b8d9608f92b (diff) | |
download | bugs-038df43c5a3d51bd66772a7df7e6403eebe1b913.tar bugs-038df43c5a3d51bd66772a7df7e6403eebe1b913.tar.gz bugs-038df43c5a3d51bd66772a7df7e6403eebe1b913.tar.bz2 bugs-038df43c5a3d51bd66772a7df7e6403eebe1b913.tar.xz bugs-038df43c5a3d51bd66772a7df7e6403eebe1b913.zip |
Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized setting of default search options
[r=LpSolit a=LpSolit]
Diffstat (limited to 'buglist.cgi')
-rwxr-xr-x | buglist.cgi | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/buglist.cgi b/buglist.cgi index f0e778464..f7498483a 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -434,6 +434,8 @@ if ($cmdtype eq "dorem") { elsif (($cmdtype eq "doit") && defined $cgi->param('remtype')) { if ($cgi->param('remtype') eq "asdefault") { $user = Bugzilla->login(LOGIN_REQUIRED); + my $token = $cgi->param('token'); + check_hash_token($token, ['searchknob']); InsertNamedQuery(DEFAULT_QUERY_NAME, $buffer); $vars->{'message'} = "buglist_new_default_query"; } |