[CAM-9107] Prevention of Cross-Site-Request-Forgery Created: 29/May/18  Updated: 19/Sep/18  Resolved: 11/Jul/18

Status: Closed
Project: camunda BPM
Component/s: admin, cockpit, tasklist
Affects Version/s: None
Fix Version/s: 7.10.0, 7.7.9, 7.8.8, 7.9.2, 7.10.0-alpha2

Type: Bug Report Priority: L3 - Default
Reporter: Smirnov Roman Assignee: Michael Schoettes
Resolution: Fixed Votes: 0
Labels: SUPPORT
Remaining Estimate: 0 minutes
Time Spent: Not Specified
Original Estimate: 0 minutes

Issue Links:
Depedendency
is depended on by CAM-9356 There exists a security notice for Wh... Closed
Related

 Description   

The webapp violates against the owasp rule OTG-SESS-005 (Cross-Site-Request-Forgery).


Generated at Wed Jun 26 05:51:39 CEST 2019 using JIRA 6.4.6#64021-sha1:33e5b454af4594f54560ac233c30a6e00459507e.