Details
-
Type:
Defect (Security)
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 4.0.30rc1, 5.0.10rc1, 5.2.6rc1, 5.4.0beta2, 5.4 (plan)
-
Component/s: Frontend (F)
-
Labels:
-
Team:Team D
-
Sprint:Sprint 74 (Mar 2021)
-
Story Points:2
Description
Please review and update all controller actions and non-MVC pages for CSRF token (SID) validation
Attachments
Issue Links
- caused by
-
ZBXNEXT-6294 Replace all mass-update pages with popup windows
-
- Closed
-
- part of
-
ZBX-18942 CControllerAuthenticationUpdate controller is not protected by a CSRF token (CVE-2021-27927)
-
- Closed
-