diff --git a/modules/backend/classes/Controller.php b/modules/backend/classes/Controller.php
index b27d7b678..fd1e16119 100644
--- a/modules/backend/classes/Controller.php
+++ b/modules/backend/classes/Controller.php
@@ -786,7 +786,7 @@ class Controller extends ControllerBase
 
         $token = Request::input('_token') ?: Request::header('X-CSRF-TOKEN');
 
-        if (!strlen($token)) {
+        if (!strlen($token) || !strlen(Session::token())) {
             return false;
         }
 
diff --git a/modules/cms/classes/Controller.php b/modules/cms/classes/Controller.php
index 1bb899373..1887c6811 100644
--- a/modules/cms/classes/Controller.php
+++ b/modules/cms/classes/Controller.php
@@ -1596,7 +1596,7 @@ class Controller
 
         $token = Request::input('_token') ?: Request::header('X-CSRF-TOKEN');
 
-        if (!strlen($token)) {
+        if (!strlen($token) || !strlen(Session::token())) {
             return false;
         }