LimeSurvey: master d77319cf

Diff Back to Repository
Author Committer Branch Timestamp Parent
DenisChenu DenisChenu master 2015-06-17 14:03:14 master 580b58d0
Changeset

Fixed issue : CSRF vulnerability in KCFinder
Dev: added controlCSRFToken function
Dev: using it for all $_POST in browser (delete/rename)
Dev: using it in upload public function in uploader
mod - third_party/kcfinder/core/class/browser.php Diff File
mod - third_party/kcfinder/core/class/uploader.php Diff File
mod - third_party/kcfinder/js/060.toolbar.js Diff File
mod - third_party/kcfinder/tpl/tpl_browser.php Diff File
mod - third_party/kcfinder/tpl/tpl_javascript.php Diff File