Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Do not pass raw user data to unserialize
Filters were moved to TOKEN api, so the code in current_user_api to handle ?filter= on URL query strings is a left over from this move and is no longer necessary. This issue was reported by Matthias Karlsson (http://mathiaskarlsson.me) as part of Offensive Security's bug bounty program [1]. Fixes #17875 [1] http://www.offensive-security.com/bug-bounty-program/ Signed-off-by: Damien Regad <dregad@mantisbt.org>
- Loading branch information