]> git.koha-community.org Git - koha.git/commit
Bug 16993: Fix CSRF in memberentry.pl
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 28 Jul 2016 11:55:43 +0000 (12:55 +0100)
committerMason James <mtj@kohaaloha.com>
Wed, 3 May 2017 00:43:12 +0000 (12:43 +1200)
commitc6d7fd2dd3a088eb4f5a0ad79b45cff2e257de32
treec62c743a9f258795a5712ea483b5623700568877
parenta6f3a107f1f9dd1a116422e63802f1a322beb364
Bug 16993: Fix CSRF in memberentry.pl

If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' passwords or other
patrons'details

members/memberentry.pl?op=save&destination=circ&borrowernumber=3435&password=ZZZ&password2=ZZZ&nodouble=1

Test plan:

Trigger
members/memberentry.pl?op=save&destination=circ&borrowernumber=42&password=ZZZ&password2=ZZZ&nodouble=1

=> Without this patch, the password will be updated
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: removed the commented use Digest::MD5-line.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Mason James <mtj@kohaaloha.com>
koha-tmpl/intranet-tmpl/prog/en/modules/members/memberentrygen.tt
members/memberentry.pl