From 9e186bdd5da79077f162351d61fd1163d6cfd622 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Buclin?= <LpSolit@gmail.com>
Date: Mon, 6 Oct 2014 14:29:01 +0000
Subject: Bug 1075578: [SECURITY] Improper filtering of CGI arguments
 r=dkl,a=sgreen

---
 token.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'token.cgi')

diff --git a/token.cgi b/token.cgi
index 145aa5225..830ecfccb 100755
--- a/token.cgi
+++ b/token.cgi
@@ -313,7 +313,7 @@ sub confirm_create_account {
 
     my $otheruser = Bugzilla::User->create({
         login_name => $login_name, 
-        realname   => $cgi->param('realname'), 
+        realname   => scalar $cgi->param('realname'),
         cryptpassword => $password});
 
     # Now delete this token.
-- 
cgit v1.2.1