• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
_csrf_set_hash() in core security class bug

#1
[eluser]Unknown[/eluser]
When _csrf_set_hash() is call for the very first time a has is generate with


return $this->_csrf_hash = md5(uniqid(rand(), TRUE));


however this has is never set to the cookie


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.