[SECURITY] Bug 219044: A user with 'editkeywords' privileges (i.e. usually an adminis...

author justdave%syndicomm.com <>

Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)

committer justdave%syndicomm.com <>

Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)
author justdave%syndicomm.com <>
Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)
committer justdave%syndicomm.com <>
Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)
diff --git a/editkeywords.cgi b/editkeywords.cgi

index 073dfbb9d4da8793b191bed1b99c66c5aa66ff8f..7af0c1a6c2f7d92c0e0fb506b01fc20b2f702669 100755 (executable)
--- a/editkeywords.cgi
+++ b/editkeywords.cgi
@@ -126,6 +126,7 @@ unless (UserInGroup("editkeywords")) {
  
  
  my $action  = trim($::FORM{action}  || '');
+detaint_natural($::FORM{id});
  
  
  if ($action eq "") {
author	justdave%syndicomm.com <>
	Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)
committer	justdave%syndicomm.com <>
	Mon, 3 Nov 2003 11:31:30 +0000 (11:31 +0000)