diff options
author | Reed Loden <reed@reedloden.com> | 2011-12-13 23:30:07 +0100 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2011-12-13 23:30:07 +0100 |
commit | a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1 (patch) | |
tree | 4fd1b57b81d9467912099f4ac3b71fd9af0abd3a /template/en/default/account | |
parent | 0133e0b65b1d73d87604b9f94b92c712206137e3 (diff) | |
download | bugzilla-a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1.tar.gz bugzilla-a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1.tar.xz |
Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible unauthorized account creation e-mail request
[r=mkanat a=mkanat]
Diffstat (limited to 'template/en/default/account')
-rw-r--r-- | template/en/default/account/create.html.tmpl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/template/en/default/account/create.html.tmpl b/template/en/default/account/create.html.tmpl index 5b8220193..5acd9f541 100644 --- a/template/en/default/account/create.html.tmpl +++ b/template/en/default/account/create.html.tmpl @@ -73,6 +73,7 @@ </tr> </table> <br> + <input type="hidden" id="token" name="token" value="[% issue_hash_token(['create_account']) FILTER html %]"> <input type="submit" id="send" value="Send"> </form> |