Cross Site Scripting warning when logging into End User View

book

Article ID: 170404

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

When an Active Directory user tries to access Control Center interface by clicking on the "Login to End User View" link in the Logout menu, a possible cross site request forgery exception is displayed.

"Possible Cross Site Request Forgery"

[BrightmailLog.log]

Oct 05 2017 00:35:41 [http-bio-443-exec-1] [DefaultAction] ERROR - Anti-CSRF : Invalid token for saving details. 
Possible Cross-Site Request Forgery request. Skipping processing....URL : https://10.219.175.45:443/brightmail/action3.do

Environment

Messaging Gateway

Resolution

This issue has been addressed with the SMG 10.6.4 release.

Attachments