alaveteli - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Mark Longair <mhl@pobox.com>	2013-06-17 09:53:29 +0100
committer	Mark Longair <mhl@pobox.com>	2013-06-17 10:41:05 +0100
commit	8d5c7b7c4efc09052031e6cab81a3539ae319f2f (patch)
tree	9d71e4ddfa45d9f8cb3001b970a11fb10166e1e5 /app/controllers/admin_controller.rb
parent	a817362702eb85dfebdf83756da97acb41a2bea9 (diff)

Fix a security vulnerability: eval used in quoting display name0.7.0.6

This use of eval allows arbitrary remote code execution on parsing of a maliciously formed email.

Diffstat (limited to 'app/controllers/admin_controller.rb')

0 files changed, 0 insertions, 0 deletions