Changeset [5bfc6132b9f0b090576d845a0584632781fa3885] by dleffler

October 21st, 2016 @ 11:06 AM

close some possible vulnerabilities; standardize 'login needed' implementation; ensure users (group) not allowed to change profile can't update their profile via url
https://github.com/exponentcms/exponent-cms/commit/5bfc6132b9f0b090...

Committed by dleffler

  • M framework/modules/addressbook/controllers/addressController.php
  • M framework/modules/ecommerce/controllers/orderController.php
  • M framework/modules/users/controllers/usersController.php
New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Bug Tracker for Exponent CMS

Shared Ticket Bins