[ https://issues.apache.org/jira/browse/CONNECTORS-1595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16802998#comment-16802998 ]
Karl Wright commented on CONNECTORS-1595: ----------------------------------------- Please describe (1) what the attack looks like and (2) how this compromises MCF security. > cross-site request forgery vulnerability > ---------------------------------------- > > Key: CONNECTORS-1595 > URL: https://issues.apache.org/jira/browse/CONNECTORS-1595 > Project: ManifoldCF > Issue Type: Improvement > Components: API > Affects Versions: ManifoldCF 2.12 > Reporter: roel goovaerts > Priority: Minor > > It appears that manifoldcf does not implement any CSRF protection. -- This message was sent by Atlassian JIRA (v7.6.3#76005)