Description
The Crowd webapp and OpenID Server should protect their login page against CSRF attacks. This prevents attacks where a user is logged in under another set of credentials without their permission, or cases where a client is tricked into helping with brute force attacks.