[MIRROR] [s] Fixes exploit to bypass authentication on requests consoles (#1365)

* [s] Fixes exploit to bypass authentication on requests consoles (#54445)

* [s] Fixes exploit to bypass authentication on requests consoles

Credit @ alexkar598 https://github.com/yogstation13/Yogstation/pull/10030

* Fix proc call name

* [s] Fixes exploit to bypass authentication on requests consoles

Co-authored-by: Jordan Brown <Cyberboss@users.noreply.github.com>
This commit is contained in:
SkyratBot
2020-10-19 03:22:57 +02:00
committed by GitHub
parent 0bf06bb00b
commit d3b6da0d5b
+2
View File
@@ -259,6 +259,8 @@ GLOBAL_LIST_EMPTY(req_console_ckey_departments)
if(href_list["sendAnnouncement"])
if(!announcementConsole)
return
if(!(announceAuth || isAdminGhostAI(usr)))
return
if(isliving(usr))
var/mob/living/L = usr
message = L.treat_message(message)