]> git.koha-community.org Git - koha.git/commit
Bug 16591: Fix CSRF in opac-memberentry
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 26 May 2016 11:33:13 +0000 (12:33 +0100)
committerKyle M Hall <kyle@bywatersolutions.com>
Fri, 24 Jun 2016 11:55:15 +0000 (11:55 +0000)
commit779fa7c6da03fd3173de4a5c21d5615b83ac3ee4
treeb99bf843747886c761867411d07f4e5ed0f2a394
parent2279a2fea05bc4d6e27b239f45c5d5733a37eef2
Bug 16591: Fix CSRF in opac-memberentry

If an attacker can get an authenticated Koha user to visit their page
with the code below, they can update the victim's details to arbitrary
values.

Test plan:

Trigger
/cgi-bin/koha/opac-memberentry.pl?action=update&borrower_B_city=HACKED&borrower_firstname=KOHA&borrower_surname=test

=> Without this patch, the update will be done (or modification
request)
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Do some regression tests with this patch applied (Update patron infos)

QA note: I am not sure it's useful to create a digest of the DB pass,
but just in case...

Reported by Alex Middleton at Dionach.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
C4/Installer/PerlDependencies.pm
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
opac/opac-memberentry.pl