Relationship Graph

View IssueDependency GraphShow Summary
Relationship Graph
related to related to child of child of duplicate of duplicate of

View Issue Details

WikiRelated ChangesetsJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0010691mantisbtcustomizationpublic2009-07-06 04:192013-07-17 10:29
Reporterdhx Assigned Todhx  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.2.0rc1 
Target Version1.2.0rc2Fixed in Version1.2.0rc2 
Summary0010691: Missing form security token for delete button on manage_proj_ver_edit_page.php
Description

The CSRF token is expected by manage_proj_ver_delete.php but isn't provided in the form submitted via manage_proj_ver_edit_page.php

TagsNo tags attached.

Relationships

Relationship GraphDependency Graph
related to 0010627 closeddhx Ensure all forms use CSRF protection 

Activities

dhx

dhx

2009-07-06 04:42

reporter   ~0022413

This one is OK for public release because it actually prevents anyone from deleting a version from a project and therefore can't be hacked :p

Related Changesets

MantisBT: master-1.2.x 831919e7

2009-07-06 04:21

dhx


Details Diff		 Fix 0010691: missing CSRF token for version delete Affected Issues
0010691
mod - manage_proj_ver_edit_page.php Diff File