projects / GitHub / WoltLab / WCF.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bbc5c26) | patch
Fix XSS vulnerability in registerActivation.tpl
authorTim Düsterhus <duesterhus@woltlab.com>
Mon, 16 Jan 2023 13:40:29 +0000 (14:40 +0100)
committerTim Düsterhus <duesterhus@woltlab.com>
Mon, 16 Jan 2023 13:50:17 +0000 (14:50 +0100)
commitdcf18656ba99b5f8f91312f460407e32d11c40b0
tree61cdfa3e1f4fd677b4a67a77a84ee34a4a79fb11tree | snapshot (tar.gz zip)
parentbbc5c26e1e1cac4013f0c573283c4b94f182a61fcommit | diff
Fix XSS vulnerability in registerActivation.tpl

This was introduced in a477e3522933a7204b02013cd6b6d47d0db1d254 when the
activation logic was refactored to no longer use numeric-only activation codes.

Thanks to Chabik Hatim for responsibly reporting the vulnerability.
com.woltlab.wcf/templates/registerActivation.tpl diff | blob | blame | history
WoltLab Suite Core (previously WoltLab Community Framework)