Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2026-01-28 12:16:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Try to fix some security issues.

Browse source 
Thanks to responsible security disclosure contributors and xet7 !
This commit is contained in:
Lauri Ojansivu 2023-02-20 01:21:33 +02:00
parent b349ecbdf7
commit ff993e7c91
9 changed files with 4272 additions and 2291 deletions
Download patch file Download diff file Expand all files Collapse all files

1
models/users.js
View file

@ -2499,6 +2499,7 @@ if (Meteor.isServer) {
Accounts.destroyToken(userId, token);
data.message = 'Delete token: [' + token + '] from user: ' + userId;
} else if (userId) {
check(userId, String);
Users.update(
{
_id: userId,