Bug #80226: Frontend user login doesn't respect Delete resctriction - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #80226

closed

Frontend user login doesn't respect Delete resctriction

Added by Pixelant Developer over 7 years ago. Updated over 7 years ago.

Status:

Rejected

Priority:

Must have

Assignee:

Category:

Target version:

Start date:

2017-03-10

Due date:

% Done:

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

It's possible to login after frontend user record was deleted.

in sysext/core/Classes/Authentication/AbstractUserAuthentication.php on line 1594 query is created with DeletedRestriction, but DeletedRestriction could not be created correct, because TCA configuration is not set in that moment.

Actions

Copy link

Updated by Frans Saris over 7 years ago

Status changed from New to Needs Feedback

Did you test latest versions?
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-002/

Actions

Copy link

Updated by Pixelant Developer over 7 years ago

sorry, didn't see that it's fixed already.

Actions

Copy link

Updated by Frans Saris over 7 years ago

Status changed from Needs Feedback to Rejected

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #80226

Frontend user login doesn't respect Delete resctriction

Updated by Frans Saris over 7 years ago

Updated by Pixelant Developer over 7 years ago

Updated by Frans Saris over 7 years ago