This site has been archived. To learn more about our current products Ibexa Content, Ibexa Experience, Ibexa Commerce head over to the Ibexa Developer Portal

eZ Community » Forums » General » csrf issue

csrf issue

csrf issue

Thursday 25 October 2012 4:47:02 pm - 1 reply


I did a security scan on my local installation (2012.6) recently and got some csrf positives, concerning the form actions content/search, content/advancedsearch, content/action and user/register .

Depending on the security scanner in use, the issue is marked "severity: high" or "low risk".

The request for unique tokens comes up frequently. Up to now I could not find any "official" statements from ez developers. Would be nice to know if there are any protective measures against csrf planned in future releases of eZ Publish.


Thursday 25 October 2012 5:07:19 pm

Hi Horst,

Please checkout


You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from