diff options
author | Reed Loden <reed@reedloden.com> | 2011-11-21 23:06:15 +0100 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2011-11-21 23:06:15 +0100 |
commit | 2e19756821f33549ea0bb729b1826145ba0a4a67 (patch) | |
tree | bf04a182016e380115d0782b3f90b372cdf32fc8 /template/en/default | |
parent | a4528b84c02ebb1d7b9bff1f068283e28c5186de (diff) | |
download | bugzilla-2e19756821f33549ea0bb729b1826145ba0a4a67.tar.gz bugzilla-2e19756821f33549ea0bb729b1826145ba0a4a67.tar.xz |
Bug 703983 - CSRF vulnerability in attachment.cgi allows possible unauthorized attachment creation
[r=LpSolit a=LpSolit]
Diffstat (limited to 'template/en/default')
-rw-r--r-- | template/en/default/attachment/cancel-create-dupe.html.tmpl | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/template/en/default/attachment/cancel-create-dupe.html.tmpl b/template/en/default/attachment/cancel-create-dupe.html.tmpl deleted file mode 100644 index 643a24ad8..000000000 --- a/template/en/default/attachment/cancel-create-dupe.html.tmpl +++ /dev/null @@ -1,48 +0,0 @@ -[%# The contents of this file are subject to the Mozilla Public - # License Version 1.1 (the "License"); you may not use this file - # except in compliance with the License. You may obtain a copy of - # the License at http://www.mozilla.org/MPL/ - # - # Software distributed under the License is distributed on an "AS - # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - # implied. See the License for the specific language governing - # rights and limitations under the License. - # - # The Original Code is the Bugzilla Bug Tracking System. - # - # The Initial Developer of the Original Code is Olav Vitters. - # - # Contributor(s): Olav Vitters <olav@bkor.dhs.org> - # David Lawrence <dkl@redhat.com> - #%] - -[%# INTERFACE: - # bugid: integer. ID of the bug report that this attachment relates to. - # attachid: integer. ID of the previous attachment recently created. - #%] - -[% PROCESS "global/field-descs.none.tmpl" %] - -[% PROCESS global/header.html.tmpl - title = "Already filed attachment" -%] - -[% USE Bugzilla %] - -<table cellpadding="20"> - <tr> - <td bgcolor="#ff0000"> - <font size="+2"> - You already used the form to file - <a href="[% urlbase FILTER html %]attachment.cgi?id=[% attachid FILTER uri %]&action=edit">attachment [% attachid FILTER uri %]</a>. - </font> - </td> - </tr> -</table> - -<p> - You can either <a href="[% urlbase FILTER html %]attachment.cgi?bugid=[% bugid FILTER uri %]&action=enter"> - create a new attachment</a> or [% "go back to $terms.bug $bugid" FILTER bug_link(bugid) FILTER none %]. -<p> - -[% PROCESS global/footer.html.tmpl %] |