- 2.13.4
- 脆弱性
- [TRANSACTION_ID が NULL === NULL で正常となる](https://github.com/EC-CUBE/eccube-2_13/issues/67)
public function isValidToken($is_unset = false)
{
// token の妥当性チェック
- $ret = $_REQUEST[TRANSACTION_ID_NAME] === $_SESSION[TRANSACTION_ID_NAME];
+ $ret = $_REQUEST[TRANSACTION_ID_NAME] === $_SESSION[TRANSACTION_ID_NAME]
+ && isset($_REQUEST[TRANSACTION_ID_NAME]);
if ($is_unset || $ret === false) {
SC_Helper_Session_Ex::destroyToken();
}
return $ret;
}
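Review bot: The added `isset($_REQUEST[TRANSACTION_ID_NAME])` sits to the right of `&&`, so both array reads in the `===` comparison still run first and raise an undefined-index notice when the parameter or the session token is absent. The result is correct, since the null-equals-null case is now rejected, but the guard only works after the fact and never checks the session side explicitly. Putting the existence check first and covering both values makes the intent clear and short-circuits before any read: `$ret = isset($_REQUEST[TRANSACTION_ID_NAME], $_SESSION[TRANSACTION_ID_NAME])` followed by `&& $_REQUEST[TRANSACTION_ID_NAME] === $_SESSION[TRANSACTION_ID_NAME];`. If the PHP versions this branch supports include `hash_equals()`, using it for the token comparison, after confirming the request value is a string, would also avoid a timing-dependent compare. A short comment above the line saying that a missing token must never validate would help keep the check from being simplified away later.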