This site has been archived and you can no longer log in or post new messages. For up-to-date community resources please visit

eZ Community » Forums » General » csrf issue

csrf issue

csrf issue

Thursday 25 October 2012 4:47:02 pm - 1 reply


I did a security scan on my local installation (2012.6) recently and got some csrf positives, concerning the form actions content/search, content/advancedsearch, content/action and user/register .

Depending on the security scanner in use, the issue is marked "severity: high" or "low risk".

The request for unique tokens comes up frequently. Up to now I could not find any "official" statements from ez developers. Would be nice to know if there are any protective measures against csrf planned in future releases of eZ Publish.


Thursday 25 October 2012 5:07:19 pm

Hi Horst,

Please checkout


You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from