From 7c363d5adeb6f5cdd60468a4a21e6981a0434dee Mon Sep 17 00:00:00 2001
From: zmagod <zmago_devetak@yahoo.com>
Date: Tue, 13 Sep 2016 13:57:31 +0200
Subject: [PATCH] fixed security issue

---
 app/controllers/results_controller.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/controllers/results_controller.rb b/app/controllers/results_controller.rb
index 1a4638382..2d4e27b96 100644
--- a/app/controllers/results_controller.rb
+++ b/app/controllers/results_controller.rb
@@ -34,6 +34,7 @@ class ResultsController < ApplicationController
 
   def load_vars
     @result = Result.find_by_id(params[:id])
+    return render_403 unless @result
     @my_module = @result.my_module
   end