Описание
ipl/web's ipl\Web\Common\CsrfCounterMeasure is susceptible to CSRF
Impact
Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF)
Affected products:
- Icinga Web (>=2.12.0)
- Icinga DB Web (>=1.0.0)
- Icinga Notifications Web (>=0.1.0)
- Icinga Web JIRA Integration (>=1.3.0)
All affected products, in any version, will be unaffected by this once icinga-php-library is upgraded.
Patches
Version 0.10.1 will include a fix for this. It will be published as part of the icinga-php-library v0.14.1 release.
Пакеты
ipl/web
< 0.10.1
0.10.1
Связанные уязвимости
ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is upgraded. Version 0.10.1 includes a fix for this. It will be published as part of the `icinga-php-library` v0.14.1 release.
ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is upgraded. Version 0.10.1 includes a fix for this. It will be published as part of the `icinga-php-library` v0.14.1 release.
ipl/web is a set of common web components for php projects. Some of th ...