
VULN: GET /login?include_auth_token returns an auth token - without CSRF check. #421

Closed
jwag956 opened this issue Jan 1, 2021 · 3 comments · Fixed by #422 or #424


jwag956 commented Jan 1, 2021

As title says - not good...

@jwag956 jwag956 self-assigned this Jan 1, 2021
@jwag956 jwag956 added this to the 4.0 milestone Jan 1, 2021
jwag956 added a commit that referenced this issue Jan 2, 2021
…ion token with no CSRF checks.

GETs no longer return the auth token.

closes: #421
jwag956 added a commit that referenced this issue Jan 2, 2021
…ion token with no CSRF checks. (#422)

GETs no longer return the auth token.

closes: #421
jwag956 added a commit that referenced this issue Jan 5, 2021
jwag956 added a commit that referenced this issue Jan 5, 2021
…ion token with no CSRF checks. (#422)

GETs no longer return the auth token.

closes: #421
jwag956 added a commit that referenced this issue Jan 8, 2021
* Fix security vuln - GET on /login or /change could reveal authentication token with no CSRF checks. (#422)

GETs no longer return the auth token.

closes: #421

* Backport CSRF /login vulnerability.

This will go out at 3.4.5

aargg - issues with black, and other packages w.r.t. py2.7
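The fix the commits describe ("GETs no longer return the auth token") comes down to one rule in the login handler: the auth token may only be attached to a response that has already passed the POST-side CSRF check. The following is an added illustration of that rule, not Flask-Security's own code; the framework-free request shape, the user store, the session dict and the `allow_token_on_get` switch (which reproduces the reported pre-fix behaviour for comparison) are all assumptions made for the example.

```python
import hmac
import secrets

# Constructed user store for the example: username -> (password, auth_token).
USERS = {"alice": ("correct horse", "tok-alice-123")}


def new_session() -> dict:
    """Create a session carrying a fresh CSRF token (assumed session shape)."""
    return {"csrf_token": secrets.token_urlsafe(16), "user": None}


def login_view(method: str, args: dict, form: dict, session: dict,
               allow_token_on_get: bool = False) -> dict:
    """Handle /login. Only a POST that passed the CSRF check may carry the auth token.

    allow_token_on_get=True reproduces the behaviour reported in this issue:
    GET /login?include_auth_token handed back the token with no CSRF check.
    """
    want_token = "include_auth_token" in args  # query-string flag, as in the issue title
    if method == "GET":
        if allow_token_on_get and want_token and session.get("user"):
            # Pre-fix behaviour: token returned on a plain GET, nothing to prove the
            # request was deliberately made by the user's own page.
            return {"status": 200, "auth_token": USERS[session["user"]][1]}
        # Hardened behaviour: a GET never returns the auth token, flag or no flag.
        return {"status": 200, "csrf_token": session["csrf_token"]}
    if method != "POST":
        return {"status": 405}
    # POST: the CSRF token in the form must match the one bound to the session.
    sent = form.get("csrf_token", "")
    if not hmac.compare_digest(sent, session["csrf_token"]):
        return {"status": 400, "error": "CSRF token missing or invalid"}
    creds = USERS.get(form.get("username", ""))
    if creds is None or not hmac.compare_digest(creds[0], form.get("password", "")):
        return {"status": 401, "error": "bad credentials"}
    session["user"] = form["username"]
    resp = {"status": 200, "user": form["username"]}
    if want_token:
        # Safe to include here: the CSRF check above has already passed.
        resp["auth_token"] = creds[1]
    return resp
```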
@mjpieters

When can we expect a release for this issue?


jwag956 commented Jan 8, 2021

3.4.5 is working its way through travis now - travis has been extremely slow - but I hope to get it out by tonight.

@charmander

How could a CSRF attack read this token?
