[Koha] CSRF issues
Paul A
paul.a at navalmarinearchive.com
Tue Dec 2 14:41:45 NZDT 2014
At 06:27 PM 12/1/2014 -0300, Larry Letelier wrote:
>Hi Liz, Everybody:
>
>Carlos publish the issue here:
>http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13367
And I get a great big, red "You are not authorized to access bug #13367"
even after I log in...
Best -- Paul
>Thanks to all,
>--LL
>
>On Mon, Dec 1, 2014 at 5:27 PM, Liz Rea <liz at catalyst.net.nz> wrote:
>
> > Hi Larry,
> >
> > If you wouldn't mind filing your results in a security bug at
> > http://koha-community.org/security/ (the big blue link at the top of
> > that page) it would be very helpful.
> >
> > Thanks for reporting your results to us!
> >
> > Cheers,
> > Liz Rea
> >
> > On 01/12/14 20:17, Larry Letelier N. wrote:
> > > Hi guys,
> > >
> > > In a Security scan test, Koha appears with some issues related to CSRF
> > attacks, we have 3.16 and we are trying with git-bz, but i dont know if
> > that is the right way and how that versión is related with git-bz.
> > >
> > > Any clue?
> > >
> > > Thanks in advance,
> > > -LL
> > >
> > >
> > > _______________________________________________
> > > Koha mailing list http://koha-community.org
> > > Koha at lists.katipo.co.nz
> > > http://lists.katipo.co.nz/mailman/listinfo/koha
> >
> > --
> > --
> > Liz Rea
> > Catalyst.Net Limited
> > Level 6, Catalyst House,
> > 150 Willis Street, Wellington.
> > P.O Box 11053, Manners Street,
> > Wellington 6142
> >
> > GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
> >
> > _______________________________________________
> > Koha mailing list http://koha-community.org
> > Koha at lists.katipo.co.nz
> > http://lists.katipo.co.nz/mailman/listinfo/koha
> >
>
>
>
>--
>*-- Larry Letelier N.*
>*F: **+56 2 3205 2737*
>*F: **+56 9 7589 6842*
>_______________________________________________
>Koha mailing list http://koha-community.org
>Koha at lists.katipo.co.nz
>http://lists.katipo.co.nz/mailman/listinfo/koha
More information about the Koha
mailing list