From e2c374fc474f91cc1c04aaae68e15cef6984f494 Mon Sep 17 00:00:00 2001
From: Alexander Hofstede <alexander@mobbr.com>
Date: Thu, 17 May 2012 00:28:08 +0200
Subject: Check cookie against md5 regex.

Otherwise, cookie can contain arbitrary injected code that gets sent
back directly to the browser.
---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide/changelog.html')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 613c4e65d..38275955b 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -85,6 +85,7 @@ Change Log
 	<li>Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.</li>
 	<li>Fixed a bug (#538) - Windows paths were ignored when using the <a href="libraries/image_lib.html">Image Manipulation Class</a> to create a new file.</li>
 	<li>Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.</li>
+    <li>Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.</li>
 </ul>
 
 
-- 
cgit v1.2.3-24-g4f1b