Fix missing permission check for user profile containers
authorJoshua Rüsweg <ruesweg@woltlab.com>
Sun, 23 Jun 2019 12:48:33 +0000 (14:48 +0200)
committerJoshua Rüsweg <ruesweg@woltlab.com>
Sun, 23 Jun 2019 12:48:33 +0000 (14:48 +0200)
wcfsetup/install/files/lib/data/user/profile/menu/item/UserProfileMenuItemAction.class.php

index eae832d3aad70239726b29efa09105561eac65b6..5c96401a69672607c95cdae9d981a74e0ee4b056 100644 (file)
@@ -1,6 +1,8 @@
 <?php
 namespace wcf\data\user\profile\menu\item;
 use wcf\data\AbstractDatabaseObjectAction;
+use wcf\system\cache\runtime\UserProfileRuntimeCache;
+use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\menu\user\profile\UserProfileMenu;
@@ -44,6 +46,16 @@ class UserProfileMenuItemAction extends AbstractDatabaseObjectAction {
                if (!$this->menuItem->getContentManager()->isVisible($this->parameters['data']['userID'])) {
                        throw new PermissionDeniedException();
                }
+               
+               $user = UserProfileRuntimeCache::getInstance()->getObject($this->parameters['data']['userID']);
+               
+               if ($user === null) {
+                       throw new IllegalLinkException();
+               }
+               
+               if ($user->isProtected()) {
+                       throw new PermissionDeniedException();
+               }
        }
        
        /**
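Review bot: The new existence and `isProtected()` guards run only after `getContentManager()->isVisible(...)` has already been called with the same `userID`, so the per-tab content manager is still invoked for an ID that may not resolve to a user or whose profile is protected. Moving the `UserProfileRuntimeCache` lookup and both guards above the `isVisible()` call would make the profile-level check the first gate; whether the existing content managers tolerate such IDs is not visible here. The block also deserves a short comment recording why both checks are needed, presumably something like `// isVisible() only decides per-tab visibility; profile protection is enforced here`. The enclosing validation method starts above the hunk, so how `userID` is read and typed cannot be confirmed from these lines.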