| عنوان | ChurchCRM ChurchCRM (GitHub: ChurchCRM/CRM) <= 5.18.0 Authentication Bypass / Access Control |
|---|
| الوصف | A critical authentication bypass in ChurchCRM’s API middleware allows unauthenticated attackers to access protected API endpoints by including the substring api/public anywhere in the request URI (path, query string, or fragment). The middleware used str_contains($request->getUri(), 'api/public'), which matched the full URI instead of only the path. An attacker can bypass authentication by adding a query parameter such as ?bypass=api/public, resulting in exposure and potential modification of sensitive data (member records, family relationships), triggering background jobs, abusing geocoding endpoints, and deleting calendar entries where allowed. |
|---|
| المصدر | ⚠️ https://github.com/uartu0/advisories/blob/main/churchcrm-api-auth-bypass-2025.md |
|---|
| المستخدم | uartu0 (UID 90021) |
|---|
| ارسال | 06/10/2025 04:17 PM (8 أشهر منذ) |
|---|
| الاعتدال | 08/10/2025 09:14 PM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 327667 [ChurchCRM حتى 5.18.0 API Endpoint AuthMiddleware.php AuthMiddleware توثيق ضعيف] |
|---|
| النقاط | 20 |
|---|