From 9a66359b3c1b0453f0016161f96bdd898605c39b Mon Sep 17 00:00:00 2001
From: alejandro-campos
Date: Mon, 20 Apr 2020 18:00:20 +0200
Subject: [PATCH] fix vulnerability in password recovery
---
 pandora_console/index.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/pandora_console/index.php b/pandora_console/index.php
index cc79382b82..145b809b97 100755
--- pandora_console/index.php
+++ b/pandora_console/index.php
@@ -731,12 +731,13 @@ if (! isset($config['id_user'])) {
 $first = (boolean) get_parameter('first', 0);
 $reset_hash = get_parameter('reset_hash', '');
- if ($correct_pass_change) {
+ $pass1 = get_parameter_post('pass1');
+ $pass2 = get_parameter_post('pass2');
+ $id_user = get_parameter_post('id_user');
+
+ if ($correct_pass_change && !empty($pass1) && !empty($pass2) && !empty($id_user)) {
 $correct_reset_pass_process = '';
 $process_error_message = '';
- $pass1 = get_parameter('pass1');
- $pass2 = get_parameter('pass2');
- $id_user = get_parameter('id_user');
 if ($pass1 == $pass2) {
 $res = update_user_password($id_user, $pass1);
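Review bot: The account whose password is changed is still selected by the request-supplied `id_user` on the new `get_parameter_post('id_user')` line, and nothing visible in this hunk ties that value to the user for whom `$reset_hash` was issued; the added `!empty()` checks only require the three fields to be present. If `$correct_pass_change` is not itself derived from a validated, unexpired token bound to one user (that code is outside the hunk), a well-formed POST could still reach `update_user_password($id_user, $pass1)` for an account other than the one that requested the reset. I would resolve the user server-side from the reset-hash record and reject the request on mismatch, documented with a comment such as `// id_user is taken from the validated reset_hash record, never from the request`. Separately, the unchanged `$pass1 == $pass2` comparison is loose, so numeric-looking strings such as `1e3` and `1000` compare equal; `if ($pass1 === $pass2) {` avoids that. The enclosing `if (! isset($config['id_user']))` block begins and ends outside this hunk.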