Skip to content

CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS