As a quick and dirty fix I've modified the checklogin.php file to replace the & with &
So on line 168 replace
header('Location: ' . sanitizeInput($redirect_url));
with
header('Location: ' . str_replace('&', '&', sanitizeInput($redirect_url)));
This works correctly on the quick tests I ...
Search found 2 matches
- 06 Jun 2017 10:35
- Forum: 3.x Bugs
- Topic: viewmail.php forbidden
- Replies: 3
- Views: 4096
- 06 Jun 2017 09:42
- Forum: 3.x Bugs
- Topic: viewmail.php forbidden
- Replies: 3
- Views: 4096
viewmail.php forbidden
Hi all,
I've found an issue with viewing mail from the quarantined report.
When I click on the view link and I'm not logged in I get redirected to the login page, once I login the url gets modified replacing the & between token and id with & causing a forbidden message. If I manually correct ...
I've found an issue with viewing mail from the quarantined report.
When I click on the view link and I'm not logged in I get redirected to the login page, once I login the url gets modified replacing the & between token and id with & causing a forbidden message. If I manually correct ...