Bug #880

Thread Subscriptions - Invalid Post Code

Added by Ryan Gordon almost 2 years ago. Updated over 1 year ago.

Status:Closed Start date:04/18/2010
Priority:Normal Due date:
Assignee:Ryan Gordon % Done:

100%
Category:-
Target version:-
Reproducibility:Always SQA assignments:
Reported In MyBB Version:1.4.12

Description

There are CSRF issues within all of usercp2.php. We need to add a token to all actions in usercp2.php

Associated revisions

Revision 4887
Added by Ryan Gordon almost 2 years ago

Improvements to PHP's mt_rand RNG seeding (improves:843)
Thanks to Stefan Esser and Dennis Tsang for working on fixing the algorithm
Fixes Thread Subscriptions - Invalid Post Code (fixes:880)

Revision 4962
Added by Ryan Gordon over 1 year ago

Fixes Thread Subscriptions - Invalid Post Code (fixes:880)

History

#1
Updated by Ryan Gordon almost 2 years ago

  • Status changed from Assigned to Resolved
  • % Done changed from 0 to 100

Applied in changeset r4887.

#2
Updated by Huji Lee almost 2 years ago

  • Target version changed from 28 to 1.4.13

#3
Updated by Ryan Gordon almost 2 years ago

  • Project changed from MyBB to Security Issues
  • Target version deleted (1.4.13)

#4
Updated by Michael Malin over 1 year ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF