authormkanat%bugzilla.org <>2009-09-11 18:05:48 +0200
committermkanat%bugzilla.org <>2009-09-11 18:05:48 +0200
commit7fda8c351dd6c9621d85c9b29c5c6baa2f1eaba3 (patch)
treeb481c92d31115bb834b817672a3cb93cf2fbc264
parentcb23c7f7b623f500972ea3a227e0b278fe8695ac (diff)
Bug 508189: (CVE-2009-3166) [SECURITY] Logging in after changing your password would expose your new password in the URL
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
-rwxr-xr-xtoken.cgi4
1 files changed, 4 insertions, 0 deletions
diff --git a/token.cgi b/token.cgi
index 1e62bb8a0..614feefa9 100755
--- a/token.cgi
+++ b/token.cgi
@@ -130,6 +130,8 @@ if ( $action eq 'chgpw' ) {
|| ThrowUserError("require_new_password");
validate_password($password, $cgi->param('matchpassword'));
+ # Make sure that these never show up in the UI under any circumstances.
+ $cgi->delete('password', 'matchpassword');
}
################################################################################
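Review bot: The `$cgi->delete('password', 'matchpassword')` call runs only after `validate_password` has returned, so on the failure path `ThrowUserError` is reached while both parameters are still in the CGI object; if the error page or any redirect/buffer logic echoes request parameters, the new password could still leak on that path. Reading the confirmation value into a lexical and deleting before validating closes that window: `my $matchpassword = $cgi->param('matchpassword');`, `$cgi->delete('password', 'matchpassword');`, `validate_password($password, $matchpassword);`. The same ordering applies to `passwd1`/`passwd2` in the `confirm_create_account` hunk below. The enclosing `if ( $action eq 'chgpw' )` block, including the `my $password` assignment, begins outside the hunk, so I cannot confirm from here whether anything between the assignment and this point also exposes the parameter.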
@@ -378,6 +380,8 @@ sub confirm_create_account {
my $password = $cgi->param('passwd1') || '';
validate_password($password, $cgi->param('passwd2') || '');
+ # Make sure that these never show up anywhere in the UI.
+ $cgi->delete('passwd1', 'passwd2');
my $otheruser = Bugzilla::User->create({
login_name => $login_name,