#9409 Add CSRF check to review read operation

classes/controllers/grid/users/reviewer/PKPReviewerGridHandler.inc.php

@@ -550,6 +550,8 @@ function unconsiderReview($args, $request) {
 	 * @return JSONMessage JSON object
 	 */
 	function reviewRead($args, $request) {
+		if (!$request->checkCSRF()) return new JSONMessage(false);
+
 		// Retrieve review assignment.
 		$reviewAssignment = $this->getAuthorizedContextObject(ASSOC_TYPE_REVIEW_ASSIGNMENT); /* @var $reviewAssignment ReviewAssignment */