fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PM-1114 RW-152-6 Reflected Cross Site Scripting

Browse Source 
Codigo JavaScript evaluado y ejecutado
This commit is contained in:
norahmollo
2014-12-19 09:56:39 -04:00
parent bd03b838df
commit 52413128bb
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
workflow/engine/methods/login/retrivePassword.php
View File

@@ -8,7 +8,7 @@ G::LoadClass("system");
$rbacUser = new RbacUsers();
$user = new Users();
$data['USR_USERNAME'] = strip_tags($data['USR_USERNAME']);
$userData = $rbacUser->getByUsername($data['USR_USERNAME']);
if ($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL'] && ($userData['USR_AUTH_TYPE'] === '' || $userData['USR_AUTH_TYPE'] == 'MYSQL') ) {