<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763">Greetings all,<br clear="all"></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763">Our campus IT department just sent me a report from Detectify.com indicating that our archivesspace server has several CSRF vulnerabilities. We are running v2.7.0 I read through the release notes, searched this list, jira, and github and haven't found anything recent. </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763">Has anybody else come across this issue?</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763">Many thanks,</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;color:#073763">Kim</div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)">_________________________________<br>Kimberli M. Kelmor</span></font><div><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)">Head of Law Library Technology</span></font></div><div><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)">Georgetown University Law Library</span></font></div><div><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)"><a href="mailto:kk1210@georgetown.edu" target="_blank">kk1210@georgetown.edu</a></span></font></div><div><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)">202-662-9158</span></font></div><div><a href="http://www.law.georgetown.edu/150" target="_blank"><img src="https://lh6.googleusercontent.com/FpzXR-vMaSBId2uQ3gk2s3rdAasy95uNi1FTPGmQtP9h3hEcwFf8bCa5AyIHYt-rafqobzptSTKb_-S5ZvFjOOeUvFad23_lyHjrUv4_pBUArVNfs0J1JbNxVlDsSJpA80HuwtwK" width="96" height="53"></a><font size="1" color="#073763" face="tahoma, sans-serif"><span style="background-color:rgb(255,255,255)"><br></span></font></div><div><font size="1" color="#999999"><i>Law Library colleagues: to keep email from consuming me, I'll only be checking it at set points during the day. If you have an urgent technology concern, please use <a href="mailto:lawlibraryers@georgetown.edu" target="_blank">lawlibraryers@georgetown.edu</a>. If you need to contact me personally please use slack. Thanks!</i></font></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>