Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-4873 Security issue: Editing pages using URL
  3. XWIKI-5463

Fix all applications to use CSRF tokens

    XMLWordPrintable

Details

    • Medium

    Description

      All affected forms and links will need to include the token as a parameter. Scripts that modify data will need to check the token first.

      Attachments

        Issue Links

          depends on

          Task - A task that needs to be done. XAADMINISTRATION-170 Add CSRF protection to administration application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAAM-87 Add CSRF protection to application-manager application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XABLOG-109 Add CSRF protection to blog application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XACALENDAR-15 Add CSRF protection to calendar application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAINVITATION-12 Add CSRF protection to invitation application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAOFFICE-50 Add CSRF protection to officeimporter application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAPANELS-130 Add CSRF protection to panels application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAPHOTO-5 Add CSRF protection to photoalbum application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XASCH-55 Add CSRF protection to scheduler application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XASEARCH-11 Add CSRF protection to search application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XATAG-40 Add CSRF protection to tag application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAWM-121 Add CSRF protection to wiki-manager application

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. XAWORKSTREAM-4 Add CSRF protection to workstream application

          • Major - Major loss of function.
          • Closed

          Activity

            People

              nickless Alex Busenius
              nickless Alex Busenius
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: