repo.or.cz
/
check_mk.git
/
blob
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
log
|
graphiclog1
|
graphiclog2
|
commit
|
commitdiff
|
tree
|
refs
|
edit
|
fork
blame
|
history
|
raw
|
HEAD
Licenses: Updated the list of licenses and added a PDF containing all license texts
[check_mk.git]
/
.werks
/
6618
blob
9218c5297f68694adf764bc89dc0444fd478f4ff
1
Title: Fixed missing CSRF protection for host diagnostic AJAX calls
2
Level: 1
3
Component: wato
4
Compatible: compat
5
Edition: cre
6
Version: 1.6.0i1
7
Date: 1537178166
8
Class: security
9
10
The AJAX calls used by the host diagnostic page were not correctly using
11
CSRF tokens to protect logged in users against malicious links that could
12
trigger actions.