authorFrédéric Buclin <LpSolit@gmail.com>2014-10-06 16:25:06 +0200
committerDavid Lawrence <dkl@mozilla.com>2014-10-06 16:25:06 +0200
commitce590bf022ef6c2fc0c0c902d773ec7a53e7e4ad (patch)
tree3708d76568e9b7152fbb8dbe8c1b7b5690b8394c /editgroups.cgi
parentb07267acd0301aef84aa74fc4aea39481cea6ad5 (diff)
Bug 1075578: [SECURITY] Improper filtering of CGI arguments
r=dkl,a=sgreen
Diffstat (limited to 'editgroups.cgi')
-rwxr-xr-xeditgroups.cgi4
1 files changed, 2 insertions, 2 deletions
diff --git a/editgroups.cgi b/editgroups.cgi
index a879aa770..ccd0bd432 100755
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -242,7 +242,7 @@ if ($action eq 'new') {
if ($action eq 'del') {
# Check that an existing group ID is given
- my $group = Bugzilla::Group->check({ id => $cgi->param('group') });
+ my $group = Bugzilla::Group->check({ id => scalar $cgi->param('group') });
$group->check_remove({ test_only => 1 });
$vars->{'shared_queries'} =
$dbh->selectrow_array('SELECT COUNT(*)
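Review bot: The `scalar` added to the `Bugzilla::Group->check` call in the `del` branch carries no comment saying why it is needed, so a later cleanup could drop it as redundant; the same applies to the identical line in the `delete` branch of the next hunk. Inside a hash constructor `$cgi->param('group')` is evaluated in list context, so a request that supplies the parameter more than once would contribute extra elements to the hash handed to `check`. I would add `# scalar: param() in list context returns every value and could add keys to this hash` above both calls, or assign first with `my $group_id = $cgi->param('group');` and pass `{ id => $group_id }`, which makes the context explicit at the declaration. Both `if` blocks continue outside their hunks, so any other `param` calls inside hash or argument lists there are not visible and are worth checking the same way.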
@@ -266,7 +266,7 @@ if ($action eq 'del') {
if ($action eq 'delete') {
check_token_data($token, 'delete_group');
# Check that an existing group ID is given
- my $group = Bugzilla::Group->check({ id => $cgi->param('group') });
+ my $group = Bugzilla::Group->check({ id => scalar $cgi->param('group') });
$vars->{'name'} = $group->name;
$group->remove_from_db({
remove_from_users => scalar $cgi->param('removeusers'),