Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-14789

Add missing link hash and form token checks to ACP

    Details

    • Type: Improvement
    • Status: Unverified Fix (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.1.10-RC1
    • Component/s: ACP
    • Labels:
      None

      Description

      This will further harden the ACP security by adding link hashes to links and form tokens to forms that did not have these yet and result in modified settings or write action on the filesystem or database. These few links and forms were still relying on the global ACP protection, mainly due to them not posing further risks of compromising data. After this change these willnow also be properly protected against tampering.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Marc Marc
                Reporter:
                CHItA CHItA
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: