CSRF exists in BigTree CMS versions less than 4.2.18 with the force parameter to /admin/pages/revisions.php. For example: http://www.attacker.com/admin/pages/revisions/1/?force=false. A page with id=1 can be unlocked.
You may use the verifyCSRFToken() function.
Thank you!
Remove the possibility of a CSRF attack unlocking a page / module entry.
c17d09b
#281
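An added sketch (not BigTree's code, and not the contents of commit c17d09b) of the kind of check the report asks for: a request carrying force changes lock state, so it is rejected unless it includes the token stored in the admin's session. The function names, the csrf_token parameter and the lock map are assumptions made for illustration.

```php
<?php
// Added illustration; not BigTree CMS code. All names below are hypothetical.

// Create (once per session) a random token that the admin UI embeds in its links and forms.
function issue_csrf_token(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Constant-time comparison; a missing or non-string token always fails.
function verify_csrf_token(array $session, $submitted): bool {
    return !empty($session['csrf_token'])
        && is_string($submitted)
        && hash_equals($session['csrf_token'], $submitted);
}

// Handler for a revisions request. $locks maps page id => id of the user holding the lock.
function handle_revisions(array $session, array $query, array &$locks): string {
    $page = (int) ($query['page'] ?? 0);
    if (isset($query['force'])) {
        // As in the reported URL (force=false), the parameter's presence triggers the unlock
        // in this sketch, so the request must prove it came from our own admin UI.
        if (!verify_csrf_token($session, $query['csrf_token'] ?? null)) {
            return "403 rejected: missing or invalid CSRF token";
        }
        unset($locks[$page]);
        return "200 page $page unlocked";
    }
    return isset($locks[$page]) ? "200 page $page is locked" : "200 page $page";
}

// Constructed sample data: page 1 is locked by user 7; user 3 is the logged-in admin.
$session = ['user' => 3];
$locks = [1 => 7];
$token = issue_csrf_token($session);

// Cross-site request: the browser attaches the session cookie, but the token is absent.
echo handle_revisions($session, ['page' => 1, 'force' => 'false'], $locks), "\n";
// Same action from the admin UI, whose link carries the session's token.
echo handle_revisions($session, ['page' => 1, 'force' => 'false', 'csrf_token' => $token], $locks), "\n";
```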