Fixed issue #9761: CSRF token entropy

Dev At least on logout the current CSRF token is renewed

application/controllers/admin/authentication.php

@@ -124,7 +124,10 @@ public function logout()
         /* Adding beforeLogout event */
         $beforeLogout = new PluginEvent('beforeLogout');
         App()->getPluginManager()->dispatchEvent($beforeLogout);
-
+        // Expire the CSRF cookie
+        $cookie = new CHttpCookie('cookie_name', $value);
+        $cookie->expire = time()-3600; 
+        Yii::app()->request->cookies['YII_CSRF_TOKEN'] = $cookie;
         App()->user->logout();
         App()->user->setFlash('loginmessage', gT('Logout successful.'));