From 15cf49a0906e2f8f760fe5cb740b16ec1dc87342 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Fri, 27 Nov 2020 10:52:53 +0100
Subject: [PATCH] Fix validation of hashes in BackupMultifactorMethod

---
 .../system/user/multifactor/BackupMultifactorMethod.class.php   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wcfsetup/install/files/lib/system/user/multifactor/BackupMultifactorMethod.class.php b/wcfsetup/install/files/lib/system/user/multifactor/BackupMultifactorMethod.class.php
index 18dbdd2923..7f5a6b1a8b 100644
--- a/wcfsetup/install/files/lib/system/user/multifactor/BackupMultifactorMethod.class.php
+++ b/wcfsetup/install/files/lib/system/user/multifactor/BackupMultifactorMethod.class.php
@@ -224,7 +224,7 @@ class BackupMultifactorMethod implements IMultifactorMethod {
 		
 		$result = null;
 		foreach ($codes as $code) {
-			[$algorithmName, $hash] = \explode(':', $code['code']);
+			[$algorithmName, $hash] = \explode(':', $code['code'], 2);
 			$algorithm = $manager->getAlgorithmFromName($algorithmName);
 			
 			// The use of `&` is intentional to disable the shortcutting logic.
-- 
2.20.1