index 68941ebfa48a6f871031e715c21cbd71b539fd88..2e415ce94f7824770209cc9dbca94c979a7c2641 100644 (file)
--- a/gosa-core/html/main.php
+++ b/gosa-core/html/main.php
} else {
$old_plugin_dir= "";
}
-if (isset($_GET['plug'])){
+if (isset($_GET['plug']) && $plist->plugin_access_allowed($_GET['plug'])){
$plug= validate($_GET['plug']);
$plugin_dir= $plist->get_path($plug);
session::set('plugin_dir',$plugin_dir);