summaryrefslogtreecommitdiffstats
path: root/template/en/default
diff options
context:
space:
mode:
authorReed Loden <reed@reedloden.com>2011-12-13 23:26:45 +0100
committerReed Loden <reed@reedloden.com>2011-12-13 23:26:45 +0100
commitcc86e1bc247787a6dd28f4604b93e08415ecd4fb (patch)
tree7608f271062b3bb1d6696983e46031b8ad2a1d18 /template/en/default
parent49445ac5eb1b8f0b44f29942e2ea1e941dff4807 (diff)
downloadbugzilla-cc86e1bc247787a6dd28f4604b93e08415ecd4fb.tar.gz
bugzilla-cc86e1bc247787a6dd28f4604b93e08415ecd4fb.tar.xz
Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible unauthorized account creation e-mail request
[r=mkanat a=mkanat]
Diffstat (limited to 'template/en/default')
-rw-r--r--template/en/default/account/create.html.tmpl1
1 files changed, 1 insertions, 0 deletions
diff --git a/template/en/default/account/create.html.tmpl b/template/en/default/account/create.html.tmpl
index bf273e459..a2a2e9fc6 100644
--- a/template/en/default/account/create.html.tmpl
+++ b/template/en/default/account/create.html.tmpl
@@ -71,6 +71,7 @@
</tr>
</table>
<br>
+ <input type="hidden" id="token" name="token" value="[% issue_hash_token(['create_account']) FILTER html %]">
<input type="submit" id="send" value="Send">
</form>