Closed sunny0day closed 3 years ago
Without an exit statement after the 302 response header is set, all code after including this file, will be executed.
This is a major security vulnerability, because one would be able to, for example:
as an unauthenticated user.
Without an exit statement after the 302 response header is set, all code after including this file, will be executed.
This is a major security vulnerability, because one would be able to, for example:
as an unauthenticated user.