ID: 6618
Title: Fixed missing CSRF protection for host diagnostic AJAX calls
Component: WATO
Level: 1
Class: Security fix
Version: 1.6.0i1
The AJAX calls used by the host diagnostic page were not correctly using
CSRF tokens to protect logged in users against malicious links that could
trigger actions.
Show replies by date