diff --git a/CHANGES.rst b/CHANGES.rst
index c02a5f47..e4b78280 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -5,6 +5,9 @@ Changelog
 1.2.70 (unreleased)
 -------------------
+- WEB-4143 : Fix a CSRF bug in section files
+ [boulch]
+
 - WEB-4144 : Set requests timeout to 12 when we populate RemoteContacts vocabulary
 [remdub]
diff --git a/src/imio/smartweb/core/contents/sections/files/view.py b/src/imio/smartweb/core/contents/sections/files/view.py
index d3bc119e..672398d4 100644
--- a/src/imio/smartweb/core/contents/sections/files/view.py
+++ b/src/imio/smartweb/core/contents/sections/files/view.py
@@ -4,13 +4,16 @@
 from imio.smartweb.core.utils import batch_results
 from imio.smartweb.core.utils import get_scale_url
 from plone import api
+from plone.protect.interfaces import IDisableCSRFProtection
 from zope.component import queryMultiAdapter
+from zope.interface import alsoProvides
 class FilesView(CarouselOrTableSectionView):
 """Files Section view"""
 def items(self):
+ alsoProvides(self.request, IDisableCSRFProtection)
 orientation = self.context.orientation
 image_scale = self.image_scale
 items = super(FilesView, self).items()
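Review bot: In view.py, the new first statement of `items()`, `alsoProvides(self.request, IDisableCSRFProtection)`, switches off plone.protect's automatic CSRF check for the whole request on every render of a files section, not only for the write that caused the original error. Any other database write that happens later in the same request is then committed without a token check, so the marker hides the write-on-read rather than scoping it. The hunk does not show which object gets modified while the items are built; once that object is identified, `safeWrite(obj, self.request)` from `plone.protect.utils` would exempt only it and leave protection active for everything else. If the request-wide marker has to stay, it should carry a comment naming the write it covers, for example `# WEB-4143: rendering writes <object> on GET; CSRF auto-protection disabled for this request`. The body of `items()` continues past the end of the hunk, so the actual write is not visible here.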