Commit 0ecc7fc6 authored by Helmut Hummel's avatar Helmut Hummel
Browse files

[SECURITY] Fix unauthorized SOAP access

By having an inverted condition, attackers
could upload arbitrary extensions by only knowing
the username and the extension key.

When knowing a username of a TER admin,
it was also possible to perform TER admin
commands (like deleting extensions) via SOAP
parent bb47bbbe
Pipeline #2110 passed with stages
in 1 minute and 26 seconds
......@@ -149,7 +149,7 @@ class tx_ter_helper
// as password strings on are not updated ones
if ($row['password'] !== $accountData->password && !$objPHPass->checkPassword(
$accountData->password, $row['password']
) && $this->ldapValidationSucceeded($accountData)
) && !$this->ldapValidationSucceeded($accountData)
) {
throw new tx_ter_exception_unauthorized ('Wrong password.', TX_TER_ERROR_GENERAL_WRONGPASSWORD);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment