Recent Topics

Secunia advisory on CSRF issue?

started by on Jul 13, 2010 – Last touched: Jul 13, 2010

Jul 13, 2010 05:03    

My b2evolution Version:

What is being done about the following advisory? (I checked to see if I could somehow quietly contact the team about this, but since I just get directed to post here... well, I am... sorry.) Is there a 3.3.4 in the works?

http://secunia.com/advisories/40490/

Thanks.

Jul 15, 2010 18:36

Thanks for letting us know.
Moved to the bugs forum.

Jul 30, 2010 04:24

Strong CSRF security has been added to b2evolution 4.0. This one is super secure, that is for sure.

I am not sure about the severity of the issue in v 3.3.3. I tend to believe it's very hard to implement such a hack.


Form is loading...

powered by b2evolution – This forum is powered by b2evolution CMS, a complete engine for your website.