Need to verify message sources
Bug #244592 reported by
Szabolcs Molnár
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| eHub |
Fix Committed
|
High
|
CyB | ||
Bug Description
The hub required to verify if the ADC commands' originating SID field is the same as the user's own sid. So users shouldn't be able to talk in someone else's name.
for example, I can send BMSG ABCD test even if my sid is not ABCD
| Changed in ehub: | |
| importance: | Undecided → High |
| Changed in ehub: | |
| assignee: | nobody → viktor.balazs |
| status: | New → Fix Committed |
| Changed in ehub: | |
| milestone: | none → 0-4-0 |
To post a comment you must log in.
