Loading...

XML

Word

Printable

Type: Defect (Security)
Resolution: Fixed
Priority: Minor
Fix Version/s: 4.0.30rc1, 5.0.10rc1, 5.2.6rc1, 5.4.0beta2, 5.4 (plan)
Affects Version/s: None
Component/s: Frontend (F)
Labels:
- security

Sprint:
Sprint 74 (Mar 2021)
Story Points:
2

Please review and update all controller actions and non-MVC pages for CSRF token (SID) validation

caused by

ZBXNEXT-6294 Replace all mass-update pages with popup windows

Closed

part of

ZBX-18942 CControllerAuthenticationUpdate controller is not protected by a CSRF token (CVE-2021-27927)

Closed

mentioned in: Page Loading...; Page Loading...

Assignee:: Roberts Lataria (Inactive)

Reporter:: Rostislav Palivoda

Team:: Team D

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2021 Mar 04 09:40

Updated:: 2024 Apr 10 17:23

Resolved:: 2021 Mar 26 15:31