Bug #2386: Backend forms need token protection checks - CB GroupJive - Joomlapolis forge

Actions

Copy link

Bug #2386

closed

Backend forms need token protection checks

Added by beat about 13 years ago. Updated about 13 years ago.

Status:

Closed

Priority:

Normal

Assignee:

beat

Target version:

2.0

Start date:

09 March 2011

Due date:

% Done:

100%

Estimated time:

Description

All backend forms have token protections with cbGetSpoofInputTag(), but save functions e.g. saveCategoryEdit evaluating posts need to check them to protect against CSRF attacks

This is done with cbSpoofCheck( 'plugin' ); in this case.

Actions

Copy link

Updated by beat about 13 years ago

Not only save but actions like order up and down and publish/unpublish need token checks

Actions

Copy link

Updated by beat about 13 years ago

Subject changed from Backend forms need token protection to Backend forms need token protection checks

Actions

Copy link

Updated by krileon about 13 years ago

Status changed from New to Resolved
Assignee changed from krileon to beat
% Done changed from 0 to 100

Fixed in r1613

Actions

Copy link

Updated by krileon about 13 years ago

Status changed from Resolved to Closed

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Incubator » CB GroupJive

Custom queries

Bug #2386

Backend forms need token protection checks

Updated by beat about 13 years ago

Updated by beat about 13 years ago

Updated by krileon about 13 years ago

Updated by krileon about 13 years ago