repo.or.cz
/
check_mk.git
/
blob
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
log
|
graphiclog1
|
graphiclog2
|
commit
|
commitdiff
|
tree
|
refs
|
edit
|
fork
blame
|
history
|
raw
|
HEAD
Refactoring: Changed remaining check parameters starting with an 's' to the new rules...
[check_mk.git]
/
.werks
/
6619
blob
2dd1482e396c4ef0bf923a58546d9d67b24837b5
1
Title: Fixed missing CSRF protection for master control AJAX calls
2
Level: 1
3
Component: multisite
4
Compatible: compat
5
Edition: cre
6
Version: 1.6.0i1
7
Date: 1537185238
8
Class: security
9
10
The AJAX calls used by the master control snapin were not correctly using
11
CSRF tokens to protect logged in users against malicious links that could
12
trigger actions.
13
14
CMK-963