diff --git a/inc/Action/Logout.php b/inc/Action/Logout.php
index 28e8fee584..1fc4f36e2e 100644
--- a/inc/Action/Logout.php
+++ b/inc/Action/Logout.php
@@ -33,6 +33,8 @@ public function preProcess() {
         global $ID;
         global $INPUT;
 
+        if (!checkSecurityToken()) throw new ActionException();
+
         // when logging out during an edit session, unlock the page
         $lockedby = checklock($ID);
         if($lockedby == $INPUT->server->str('REMOTE_USER')) {