Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-19150

Review all controller actions for SID validation (CVE-2021-27927)

    XMLWordPrintable

    Details

    • Team:
      Team D
    • Sprint:
      Sprint 74 (Mar 2021)
    • Story Points:
      2

      Description

      Please review and update all controller actions and non-MVC pages for CSRF token (SID) validation

        Attachments

          Issue Links

          caused by

          Change Request - An Change Request or enhancement Improvement to an existing feature or task. ZBXNEXT-6294 Replace all mass-update pages with popup windows

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Closed
          part of

          Defect (Security) - Discovered security vulnerabilities in Zabbix ZBX-18942 CControllerAuthenticationUpdate controller is not protected by a CSRF token (CVE-2021-27927)

          • Major - Major loss of function.
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

            Activity

              People

              Assignee:
              rlataria Roberts Lataria
              Reporter:
              palivoda Rostislav Palivoda
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: