Werk #11085: Icon upload: Add missing transaction validation
Component | Setup |
Title | Icon upload: Add missing transaction validation |
Date | Jul 3, 2020 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk Version | 1.6.0p14 2.0.0i1 |
Level | Trivial Change |
Class | Security Fix |
Compatibility | Compatible - no manual interaction needed |
The transaction IDs (CSRF tokens) were not validated while processing the upload of icons. This alone is not a security hole, rather a lack of validation of this call.