Bug 312441: relogin.cgi allows you to impersonate user accounts you are not allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave

author: karl%kornel.name <> 2005-11-20 10:31:35 +0100
committer: karl%kornel.name <> 2005-11-20 10:31:35 +0100
commit: 3b2f0ca83f4670d408902a00bfe4264cee5c57aa (patch)
tree: 3b684b276d8f99f718c93df6cd75bc8463afbd89 /template/en/default/admin/users
parent: 5ad7900f7b12f1b81bdc068282b7106be8aae407 (diff)
download: bugzilla-3b2f0ca83f4670d408902a00bfe4264cee5c57aa.tar.gz
bugzilla-3b2f0ca83f4670d408902a00bfe4264cee5c57aa.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/template/en/default/admin/users/userdata.html.tmpl b/template/en/default/admin/users/userdata.html.tmpl
index f606bb73d..96c9df515 100644
--- a/template/en/default/admin/users/userdata.html.tmpl
+++ b/template/en/default/admin/users/userdata.html.tmpl
@@ -32,7 +32,7 @@
                value="[% otheruser.login FILTER html %]" />
         [% IF !otheruser.groups.bz_sudo_protect %]
           <br />
-          <a href="relogin.cgi?action=sudo&amp;target_login=
+          <a href="relogin.cgi?action=prepare-sudo&amp;target_login=
           [%- otheruser.login FILTER html %]">Impersonate this user</a>
         [% END %]
       [% END %]
author	karl%kornel.name <>	2005-11-20 10:31:35 +0100
committer	karl%kornel.name <>	2005-11-20 10:31:35 +0100
commit	3b2f0ca83f4670d408902a00bfe4264cee5c57aa (patch)
tree	3b684b276d8f99f718c93df6cd75bc8463afbd89 /template/en/default/admin/users
parent	5ad7900f7b12f1b81bdc068282b7106be8aae407 (diff)
download	bugzilla-3b2f0ca83f4670d408902a00bfe4264cee5c57aa.tar.gz bugzilla-3b2f0ca83f4670d408902a00bfe4264cee5c57aa.tar.xz