Bug 1252216 - Push extension configuration is vulnerable to CSRF and potentially code execution

author: David Lawrence <dkl@mozilla.com> 2016-03-01 14:13:53 +0100
committer: Dylan Hardison <dylan@mozilla.com> 2016-03-01 14:21:23 +0100
commit: e5b9aa6ef469adb5db2ff4b7575342bd79fd450a (patch)
tree: dde9651c912b6d3f55ff99904f79d9673f624e81 /extensions/Push/template/en/default/pages/push_config.html.tmpl
parent: 4d956493207d37a7d9a24d398d86a8cf1ce86c2d (diff)
download: bugzilla-e5b9aa6ef469adb5db2ff4b7575342bd79fd450a.tar.gz
bugzilla-e5b9aa6ef469adb5db2ff4b7575342bd79fd450a.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/extensions/Push/template/en/default/pages/push_config.html.tmpl b/extensions/Push/template/en/default/pages/push_config.html.tmpl
index 6e6507a39..3783ecad6 100644
--- a/extensions/Push/template/en/default/pages/push_config.html.tmpl
+++ b/extensions/Push/template/en/default/pages/push_config.html.tmpl
@@ -31,6 +31,7 @@ var push_defaults = new Array();
 <form method="POST" action="page.cgi">
 <input type="hidden" name="id" value="push_config.html">
 <input type="hidden" name="save" value="1">
+<input type="hidden" id="token" name="token" value="[% issue_hash_token(['push_config']) FILTER html %]">
 
 <table border="0" cellspacing="0" cellpadding="5" width="100%">
author	David Lawrence <dkl@mozilla.com>	2016-03-01 14:13:53 +0100
committer	Dylan Hardison <dylan@mozilla.com>	2016-03-01 14:21:23 +0100
commit	e5b9aa6ef469adb5db2ff4b7575342bd79fd450a (patch)
tree	dde9651c912b6d3f55ff99904f79d9673f624e81 /extensions/Push/template/en/default/pages/push_config.html.tmpl
parent	4d956493207d37a7d9a24d398d86a8cf1ce86c2d (diff)
download	bugzilla-e5b9aa6ef469adb5db2ff4b7575342bd79fd450a.tar.gz bugzilla-e5b9aa6ef469adb5db2ff4b7575342bd79fd450a.tar.xz