Project

General

Profile

Actions

Bug #2386

closed

Backend forms need token protection checks

Added by beat about 13 years ago. Updated about 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
09 March 2011
Due date:
% Done:

100%

Estimated time:

Description

All backend forms have token protections with cbGetSpoofInputTag(), but save functions e.g. saveCategoryEdit evaluating posts need to check them to protect against CSRF attacks

This is done with cbSpoofCheck( 'plugin' ); in this case.

Actions

Also available in: Atom PDF