[SECURITY] Prevent editor controlled hmac content
An hmac of the editor controlled auto respond message was used to verifiy the correctness of this message on submit. To prevent this, we add an additional secret. Change-Id: I1551feebd4dd84abeb3fb098175384f425f605a9 Fixes: #45043 Releases: 4.5, 4.7, 6.0, 6.1, 6.2 Security-Commit: 344975268f4b9eb4ce7c664958647b9268ea03a8 Security-Bulletin: TYPO3-CORE-SA-2013-004 Reviewed-on: https://review.typo3.org/26223 Reviewed-by: Oliver Hader Tested-by: Oliver Hader
Showing
- typo3/sysext/frontend/Classes/ContentObject/FormContentObject.php 1 addition, 1 deletion...sext/frontend/Classes/ContentObject/FormContentObject.php
- typo3/sysext/frontend/Classes/Controller/DataSubmissionController.php 1 addition, 1 deletion.../frontend/Classes/Controller/DataSubmissionController.php
Please register or sign in to comment