Recent Topics
  1. b2evolution CMS Support Forums
  2. Archives
  3. Older bugs
  4. Bugs in 3.3.x
  5. Secunia advisory on CSRF issue?

Secunia advisory on CSRF issue?

1 Jul 13, 2010 05:03    

My b2evolution Version:

What is being done about the following advisory? (I checked to see if I could somehow quietly contact the team about this, but since I just get directed to post here... well, I am... sorry.) Is there a 3.3.4 in the works?

http://secunia.com/advisories/40490/

Thanks.

Back to top

2 Jul 15, 2010 18:36

Thanks for letting us know.
Moved to the bugs forum.

Back to top

3 Jul 30, 2010 04:24

Strong CSRF security has been added to b2evolution 4.0. This one is super secure, that is for sure.

I am not sure about the severity of the issue in v 3.3.3. I tend to believe it's very hard to implement such a hack.

Back to top


Form is loading...