mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-11-24 14:13:54 +00:00
5fd861365f
AbuseFilterViewEdit does privilege checks based on filter ID, and displays what is hidden under given history ID, but doesn't make sure those two IDs actually belong to one filter. That means user can easily change filter ID to a public filter and view old versions of nowadays private filters. Bug: T237887 Change-Id: Ic12790bd33982473f77551bde9599ed083a3e1f1 |
||
---|---|---|
.. | ||
AbuseFilterView.php | ||
AbuseFilterViewDiff.php | ||
AbuseFilterViewEdit.php | ||
AbuseFilterViewExamine.php | ||
AbuseFilterViewHistory.php | ||
AbuseFilterViewImport.php | ||
AbuseFilterViewList.php | ||
AbuseFilterViewRevert.php | ||
AbuseFilterViewTestBatch.php | ||
AbuseFilterViewTools.php |