Reply To: $ in password no auth

Forums Network Management ZeroShell $ in password no auth Reply To: $ in password no auth


Thanks for the reply. I saw your post and I agree with you that is not such a big deal to change the admin password, the problem is to tell to 400 professors and 7000 students not to use $ in __their__ password.
I cannot even submit a patch or look to the code, since the problem seems to be inside zscp, and the source code AFAIK is not available (fulvio, can you confirm this?).
I’ll try to figure out if it is possible to escape the $ adding some javascript to the login page.