Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Do not pass raw user data to unserialize
Filters were moved to TOKEN api, so the code in current_user_api to handle ?filter= on URL query strings is a left over from this move and is no longer necessary. This issue was reported by Matthias Karlsson (http://mathiaskarlsson.me) as part of Offensive Security's bug bounty program [1]. Fixes #17875 [1] http://www.offensive-security.com/bug-bounty-program/ Signed-off-by: Damien Regad <dregad@mantisbt.org>
- Loading branch information