Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: Leaking of hashed passwords in the audit logs fixed
- Scope was limited due to the audit log access restrictions to site/org admins
  • Loading branch information
iglocska committed Nov 24, 2017
1 parent 8794af9 commit 7d5890b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/Controller/UsersController.php
Expand Up @@ -644,7 +644,7 @@ public function admin_edit($id = null) {
$c = 0;
foreach ($fields as $field) {
if (isset($fieldsOldValues[$c]) && $fieldsOldValues[$c] != $fieldsNewValues[$c]) {
if ($field != 'confirm_password') {
if ($field != 'confirm_password' && $field != 'enable_password') {
$fieldsResultStr = $fieldsResultStr . ', ' . $field . ' (' . $fieldsOldValues[$c] . ') => (' . $fieldsNewValues[$c] . ')';
}
}
Expand Down

0 comments on commit 7d5890b

Please sign in to comment.