From faac5e70ce92133773a2043619f9f23870beb14b Mon Sep 17 00:00:00 2001
From: Dave Lawrence <dlawrence@mozilla.com>
Date: Mon, 28 Nov 2011 11:38:31 -0500
Subject: Bug 704308 - CSRF vulnerability in post_bug.cgi allows possible
 unauthorized bug creation

---
 enter_bug.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'enter_bug.cgi')

diff --git a/enter_bug.cgi b/enter_bug.cgi
index 85e69e535..7a471ab95 100755
--- a/enter_bug.cgi
+++ b/enter_bug.cgi
@@ -225,7 +225,7 @@ $vars->{'qa_contact_disabled'}  = !$has_editbugs;
 
 $vars->{'cloned_bug_id'}         = $cloned_bug_id;
 
-$vars->{'token'}             = issue_session_token('createbug:');
+$vars->{'token'} = issue_session_token('create_bug');
 
 
 my @enter_bug_fields = grep { $_->enter_bug } Bugzilla->active_custom_fields;
-- 
cgit v1.2.3-24-g4f1b