mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Do not include _token in legacy vars (#14313)

Browse Source
This commit is contained in:
Tony Murray
2022-09-07 16:17:08 -05:00
committed by GitHub
parent ae15c8eb2a
commit 6342d69b18
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/html/vars.inc.php
+2 -2
View File
@@ -10,5 +10,5 @@ foreach ($_POST as $name => $value) {
$vars[$name] = ($value);
}
// don't leak login data
unset($vars['username'], $vars['password'], $uri, $base_url);
// don't leak login and other data
unset($vars['username'], $vars['password'], $vars['_token']);