AnsweredAssumed Answered

Cross Site Request Forgery (XSRF) Attack Detected - SugarCRM 7.9 restrictions

Question asked by MAYER ELYASHIV on May 27, 2017
Latest reply on May 28, 2017 by Hemant Patil

Form authentication failure

Hi everyone, have you ever seen this:

Immagine incorporata 1
[Cross Site Request Forgery (XSFR) Attack Detected]
?
This comes when you submit a form (think about a SaveConfig form in Admin page); 
you'll get it if you haven't previously inserted into your form this snip:
{sugar_csrf_form_token}
You can find an example in /modules/Administration/PasswordManager.tpl 

Outcomes