Bug 1252578 - CSRF and SELECT-only SQL execution attack against query_database.html

author: Dylan Hardison <dylan@mozilla.com> 2016-03-10 04:20:00 +0100
committer: Dylan Hardison <dylan@mozilla.com> 2016-03-10 04:20:16 +0100
commit: 3c360d80785b076c143ad350acb8e02b3833a0b4 (patch)
tree: 399cba1c95e9d215705435decf0f234705cc7e76 /extensions/BMO/Extension.pm
parent: 844c6238baf72dfa79ad7e33f2bc1947cbf5b3f5 (diff)
download: bugzilla-3c360d80785b076c143ad350acb8e02b3833a0b4.tar.gz
bugzilla-3c360d80785b076c143ad350acb8e02b3833a0b4.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm
index a72f3d1be..75b8df456 100644
--- a/extensions/BMO/Extension.pm
+++ b/extensions/BMO/Extension.pm
@@ -2133,6 +2133,7 @@ sub query_database {
     $vars->{query} = $query;
 
     if ($query) {
+        check_hash_token($input->{token}, ['query_database']);
         trick_taint($query);
         $vars->{executed} = 1;
author	Dylan Hardison <dylan@mozilla.com>	2016-03-10 04:20:00 +0100
committer	Dylan Hardison <dylan@mozilla.com>	2016-03-10 04:20:16 +0100
commit	3c360d80785b076c143ad350acb8e02b3833a0b4 (patch)
tree	399cba1c95e9d215705435decf0f234705cc7e76 /extensions/BMO/Extension.pm
parent	844c6238baf72dfa79ad7e33f2bc1947cbf5b3f5 (diff)
download	bugzilla-3c360d80785b076c143ad350acb8e02b3833a0b4.tar.gz bugzilla-3c360d80785b076c143ad350acb8e02b3833a0b4.tar.xz