[SECURITY] Bug 209742: Under some circumstances, a user can obtain component…

[SECURITY] Bug 209742: Under some circumstances, a user can obtain component descriptions for a product to which he does not normally have access. Patch by Ryan Cleary <tryanc@interdimensions.com> r= joel, bbaetz a= justdave

[SECURITY] Bug 209742: Under some circumstances, a user can obtain component…
a30e5f2c · justdave%syndicomm.com · 808d96e1 · a30e5f2c
Commit a30e5f2c authored Nov 03, 2003 by justdave%syndicomm.com
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

describecomponents.cgi describecomponents.cgi +1 -1

No files found.
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -46,7 +46,7 @@ if (!defined $::FORM{'product'}) {
    # Reference to a subset of %::proddesc, which the user is allowed to see
    my %products;

-    if (AnyDefaultGroups()) {
+    if (AnyEntryGroups()) {
        # OK, now only add products the user can see
        confirm_login() unless $::userid;
        foreach my $p (@::legal_product) {