1Panel-dev/1Panel
1
1
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2026-01-13 18:44:14 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: Fixed login CAPTCHA bypass vulnerability (#11185)

Browse source
This commit is contained in:
CityFun 2025-12-04 18:10:23 +08:00 committed by GitHub
parent 781155b029
commit bf4d91b68b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
core/utils/captcha/captcha.go
View file

@ -10,13 +10,12 @@ import (
var store = base64Captcha.DefaultMemStore
func VerifyCode(codeID string, code string) string {
if codeID == "" {
return "ErrCaptchaCode"
}
vv := store.Get(codeID, true)
vv = strings.TrimSpace(vv)
code = strings.TrimSpace(code)
if codeID == "" || code == "" {
return "ErrCaptchaCode"
}
if strings.EqualFold(vv, code) {
return ""
}