firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2022-0120]그누보드_부적절한_권한_검증_취약점_수정

Browse Source
This commit is contained in:
thisgun
2022-06-15 16:11:06 +09:00
parent d8b6297579
commit bafa1c43bf
4 changed files with 22 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bbs/password_reset.php
View File

@ -4,7 +4,8 @@ include_once('./_common.php');
if ($is_member) { alert("이미 로그인중입니다."); goto_url(G5_URL); }
if(!$_POST['mb_id']) { alert("잘못된 접근입니다."); goto_url(G5_URL); }
$ss_cert_mb_id = isset($_SESSION['ss_cert_mb_id']) ? trim(get_session('ss_cert_mb_id')) : '';
if(!(isset($_POST['mb_id']) && $_POST['mb_id'] === $ss_cert_mb_id)) { alert("잘못된 접근입니다."); goto_url(G5_URL); }
if($config['cf_cert_find'] != 1) alert("본인인증을 이용하여 아이디/비밀번호 찾기를 할 수 없습니다. 관리자에게 문의 하십시오.");