Fix CVE-2023-36995

This commit is contained in:
nixpc
2023-07-06 23:02:00 +02:00
parent 78b2bddde4
commit e39ca488a9
5 changed files with 9 additions and 6 deletions
+1
View File
@@ -82,6 +82,7 @@ class adm_DB {
$bcrypted = false;
}
$username = htmlspecialchars($username);
if($pwOk) {
// update password to bcrypt, if correct
if (!$dbarray['is_bcrypt'] && !$bcrypted) {