Private GIT

Skip to content
Snippets Groups Projects
Unverified Commit 0d8813d0 authored by Gary Allan's avatar Gary Allan
Browse files

Bugfix: CSRF outlined in CVE-2020-7988 (#3373) 

Update app/tools/pass-change
 - Add CSRF cookie.
 - Require old password.
 - Prevent old password re-use.
 - Enforce password complexity requirements.

Fixes #3373
parent d12e771c
No related merge requests found
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Another place to be (or not)