lock.php performs no authentication

ieb / timetables

Timetables

http://www.caret.cam.ac.uk/blogs/ucam-timetables/

GNU Affero General Public License v3.0

2 stars 1 forks source link

lock.php performs no authentication #30

Open h4l opened 12 years ago

h4l commented 12 years ago

lock.php does not authenticate lock requests, allowing anyone to lock any tripos for arbitrary periods of time. On the other hand locks can be ignored.