An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
References:GSA_kwCzR0hTQS01djVxLTNtN20tOTdqN84AAkyB
Image Resizer Cross-Site Request Forgery (CSRF)
| Affected Packages | Affected Versions | Fixed Versions | |
|---|---|---|---|
| packagist:verbb/image-resizer | < 2.0.9 | 2.0.9 | |
Affected Version RangesAll affected versions2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8 All unaffected versions2.0.9, 2.0.10, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 4.0.0, 4.0.1, 4.0.2, 4.0.3 |
|||