Closed this issue 4 years ago · 1 comments
Users with enough experience can easily alter caching token cookie to circumvent login and see the ACP frontend. Although the user cannot alter any data in the ACP, this is unwanted.
fixed in 484adfa