Opened 3 years ago

Last modified 3 years ago

#11959 new defect (bug)

Value Truncation Still Unchecked in registration.php

Reported by: miqrogroove
Owned by:
Priority: normal
Milestone: Future Release
Component: Users
Version:
Severity: normal
Keywords: needs-patch
Cc:

Description

Functions such as username_exists() fail to perform sanity checks against the storage schema. As a result, it is possible to register multiple users with the same username if the length is greater than or equal to the username field size. Only the first user can log in; however, anyone re-registering that username can impersonate the first user to reset their password.
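
Added example, not part of the ticket and not WordPress code: a small model of the mismatch described above, with the unchecked registration path beside one that validates length against the column width before the uniqueness test. UserStore, register_unchecked(), register_checked() and the 8-character LOGIN_COLUMN_WIDTH are hypothetical names and values chosen for the demo; the ticket does not state the real field size.

```php
<?php
// Constructed demo: in-memory users table whose login column truncates on insert.
const LOGIN_COLUMN_WIDTH = 8; // assumed width, kept small for the demo

final class UserStore
{
    private array $rows = []; // stored logins, one per row
    public function insert(string $login): void
    {
        // The storage layer, not the application, shortens the value.
        $this->rows[] = substr($login, 0, LOGIN_COLUMN_WIDTH);
    }

    public function exists(string $login): bool
    {
        return in_array($login, $this->rows, true);
    }

    public function countOf(string $login): int
    {
        return count(array_keys($this->rows, $login, true));
    }
}

// Unchecked: compares the full input with stored (possibly truncated) values.
function register_unchecked(UserStore $store, string $login): bool
{
    if ($store->exists($login)) {
        return false;
    }
    $store->insert($login);
    return true;
}

// Checked: refuse anything the column cannot hold before testing uniqueness.
function register_checked(UserStore $store, string $login): bool
{
    if ($login === '' || strlen($login) > LOGIN_COLUMN_WIDTH) {
        return false;
    }
    return register_unchecked($store, $login);
}

$before = new UserStore();
$after = new UserStore();
foreach (['adminuse', 'adminuse2'] as $login) { // second value is one byte too long
    var_dump(register_unchecked($before, $login), register_checked($after, $login));
}
var_dump($before->countOf('adminuse'), $after->countOf('adminuse'));
```

strlen() counts bytes; a real check has to use the same unit and width as the actual column definition.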

Change History (5)

comment:1   ryan 3 years ago

Related: #7728

  • Milestone changed from 2.9.3 to 3.0

Not a regression. Moving to 3.0. Can be backported if desired.

  • Keywords needs-patch added

comment:4   ryan 3 years ago

  • Milestone changed from 3.0 to 3.1
  • Milestone changed from Awaiting Triage to Future Release