From f9f5d7188b71203558b97968081f72734df35e15 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Fri, 4 Mar 2016 22:06:55 -0500
Subject: Fix security issue: Unexpected access to any tasks from a shared
 public board

---
 app/Controller/Task.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'app/Controller')

diff --git a/app/Controller/Task.php b/app/Controller/Task.php
index 5f35be55..56d222d0 100644
--- a/app/Controller/Task.php
+++ b/app/Controller/Task.php
@@ -23,13 +23,17 @@ class Task extends Base
 
         // Token verification
         if (empty($project)) {
-            $this->forbidden(true);
+            return $this->forbidden(true);
         }
 
         $task = $this->taskFinder->getDetails($this->request->getIntegerParam('task_id'));
 
         if (empty($task)) {
-            $this->notfound(true);
+            return $this->notfound(true);
+        }
+
+        if ($task['project_id'] != $project['id']) {
+            return $this->forbidden(true);
         }
 
         $this->response->html($this->helper->layout->app('task/public', array(
-- 
cgit v1.2.3