]> git.koha-community.org Git - koha.git/commit
Bug 16993: Fix CSRF in memberentry.pl
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 28 Jul 2016 11:55:43 +0000 (12:55 +0100)
committerKyle M Hall <kyle@bywatersolutions.com>
Wed, 10 Aug 2016 13:25:25 +0000 (13:25 +0000)
commit09d0b1310bda677b6939b59ea8a68f84e2ec93f6
treeeb59336d63a52450f13141eea4620a0fcbaeb6f7
parent893f6cc2633744d4f539fd1b6b9f4b8837277d2d
Bug 16993: Fix CSRF in memberentry.pl

If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' passwords or other
patrons'details

members/memberentry.pl?op=save&destination=circ&borrowernumber=3435&password=ZZZ&password2=ZZZ&nodouble=1

Test plan:

Trigger
members/memberentry.pl?op=save&destination=circ&borrowernumber=42&password=ZZZ&password2=ZZZ&nodouble=1

=> Without this patch, the password will be updated
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: removed the commented use Digest::MD5-line.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
koha-tmpl/intranet-tmpl/prog/en/modules/members/memberentrygen.tt
members/memberentry.pl