MantisBT: master-1.2.x 7bb78e45

Author Committer Branch Timestamp Parent
vboctor dregad master-1.2.x 2014-11-24 23:28:34 master-1.2.x b0021673
Affected Issues  0017811: CVE-2014-9117: CAPTCHA bypass
 0017993: User creation with captcha broken by fix for issue #17811
Changeset

Use session rather than form key for captcha

Fixes 0017811

Signed-off-by: Damien Regad <dregad@mantisbt.org>

mod - core/constant_inc.php Diff File
mod - make_captcha_img.php Diff File
mod - signup.php Diff File
mod - signup_page.php Diff File