From 08e06f9789e9a550bc79f6bbbbd6230da20fd28f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 23:28:57 +0200 Subject: [PATCH] Fix #hunter2c606116-f212-49e0-967c-11f8666be43b --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 4dff3426ac961..2bd3f3192e546 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -461,7 +461,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type) // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addtimespent', 'update', 'install', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_delete', 'confirm_deletedir', 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable', 'doprev', 'donext', 'dvprev', 'dvnext', 'enable', 'setpricelevel'