[Vtigercrm-developers] flaw in vtws_getchallenge
Joe Bordes
joe at tsolucio.com
Sun Apr 6 00:06:06 GMT 2014
Hi,
You can find a proposed patch for coreBOS here:
http://corebos.org/development/view.php?id=110
that should work exactly the same on VT6
Joe
TSolucio
El 28/03/14 02:01, Hamono, Chris (DPC) escribió:
> vtws_getchallenge does not adequately check for a valid user.
> If an invalid user is passed to it, it should fail or throw an exception.
> Instead it creates an entry in the database with a null userid
> Chris
>
>
> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20140406/f4ff346f/attachment.html>
More information about the vtigercrm-developers
mailing list