You are not logged in. Please login or register.
PunBB Forums → PunBB 1.3 troubleshooting → CSRF for markread, markforumread, etc.?
Perhaps these actions should get CSRF tokens, as with logout and some of the moderator tools? Currently someone could trick other users into performing such actions by embedding them in [img] tags, for instance. It's not exactly a security vulnerability, but it would certainly be a nuisance, and there are unfortunately a great deal of people who go out of their way to be nuisances on forums.
Mmm, fair enough.
Done. I added it to the two you mentioned and to the delete avatar link. Any other places you can think of?
I just added it to the subscribe/unsubscribe links as well 
Cool, thanks.
I think admin/reindex.php might also be vulnerable to this. An attacker could try to direct an admin to admin/reindex.php?i_per_page=1&i_start_at=1&i_empty_index=1 -- this would empty the search_matches and search_words tables, and wouldn't repopulate them with more than one post (assuming the attacker uses an [img] or somesuch, in which case the browser obviously wouldn't follow the window.location=... thing). But maybe I'm missing something about how reindex.php works (I hope I am 
).
No, you're probably right. I'll check it out and add it if necessary.
Added
PunBB Forums → PunBB 1.3 troubleshooting → CSRF for markread, markforumread, etc.?
Powered by PunBB, supported by Informer Technologies, Inc.