tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[CVE-2023-32302] Require password field to be non-empty

This commit is contained in:
Steve Boyd 2023-05-12 12:24:12 +12:00
parent cb7be276e7
commit 7b21b38ac4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Security/Member.php
View File

@ -731,7 +731,7 @@ class Member extends DataObject
$password->setRequireExistingPassword(true);
}
$password->setCanBeEmpty(true);
$password->setCanBeEmpty(false);
$this->extend('updateMemberPasswordField', $password);
return $password;