tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #10895 from creative-commoners/pulls/4.13/cve-2023-32302 

[CVE-2023-32302] Require password field to be non-empty
This commit is contained in:
Guy Sartorelli 2023-07-31 11:24:46 +12:00 committed by GitHub
parent cb7be276e7 7b21b38ac4
commit 0a1c46e69f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Security/Member.php
View File

@ -731,7 +731,7 @@ class Member extends DataObject
$password->setRequireExistingPassword(true);
}
$password->setCanBeEmpty(true);
$password->setCanBeEmpty(false);
$this->extend('updateMemberPasswordField', $password);
return $password;