futuresight / futurebb

The forum system by FutureSight Technologies. A live sample can be seen at http://futuresight.org/forums
http://futurebb.futuresight.org
2 stars 2 forks source link

Sanitize input for header links #176

Open jacob-g opened 8 years ago

jacob-g commented 8 years ago

Since the permissions involve using an IF statement, require the permissions to be actual user group permissions and reject any that aren't.

This is not a high priority security issue since only administrators can access the page.