Cross-Site Request Forgery (CSRF) in ampache/ampache

Valid

Reported on

Aug 31st 2021


✍️ Description

CSRF bug to disable a user

🕵️‍♂️ Proof of Concept

I see that when disabling a user there is no CSRF token check.
1. First log in to the admin account.
2. Now copy the URL http://localhost/ampache-develop/public/admin/users.php?action=disable&user_id=3, paste it into a browser tab and hit enter.
Now the user will be disabled.
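The request above is accepted because a state-changing action is reachable with a plain GET and nothing ties it to a form the site itself served. The following PHP is an added illustration, not Ampache's code and not the reporter's: it shows a minimal endpoint in that vulnerable shape beside a hardened version that only accepts POST and requires a per-session anti-CSRF token. `disableUser()`, the handler names and the form are hypothetical stand-ins.

```php
<?php
// Added illustration, not Ampache code. A state-changing admin action in the
// vulnerable shape the report describes (any GET with action=disable&user_id=N
// is honoured) beside a hardened handler that requires POST plus a per-session
// anti-CSRF token. disableUser() is a hypothetical stand-in for the real update.

declare(strict_types=1);

function disableUser(int $userId): void
{
    // Placeholder for the actual account update.
    error_log("user {$userId} disabled");
}

// --- Vulnerable: the cross-site GET described in the report succeeds ---
function handleDisableVulnerable(array $get): string
{
    if (($get['action'] ?? '') === 'disable' && isset($get['user_id'])) {
        disableUser((int) $get['user_id']);
        return 'disabled';
    }
    return 'ignored';
}

// --- Hardened: POST only, token bound to the session, constant-time compare ---
function issueCsrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

function handleDisableHardened(string $method, array $post, array $session): string
{
    if ($method !== 'POST') {
        http_response_code(405);
        return 'method not allowed';
    }
    $expected = $session['csrf_token'] ?? '';
    $provided = $post['csrf_token'] ?? '';
    if ($expected === '' || !is_string($provided) || !hash_equals($expected, $provided)) {
        http_response_code(403);
        return 'invalid csrf token';
    }
    if (($post['action'] ?? '') === 'disable' && isset($post['user_id'])) {
        disableUser((int) $post['user_id']);
        return 'disabled';
    }
    return 'ignored';
}

// The token is embedded in the form the site renders, so only a page served by
// this origin can produce a request that passes the check above.
function renderDisableForm(array &$session, int $userId): string
{
    $token = htmlspecialchars(issueCsrfToken($session), ENT_QUOTES, 'UTF-8');
    return "<form method=\"post\" action=\"users.php\">"
        . "<input type=\"hidden\" name=\"action\" value=\"disable\">"
        . "<input type=\"hidden\" name=\"user_id\" value=\"{$userId}\">"
        . "<input type=\"hidden\" name=\"csrf_token\" value=\"{$token}\">"
        . "<button type=\"submit\">Disable user {$userId}</button></form>";
}

// Self-check with constructed inputs (run from the CLI: php csrf_demo.php).
$session = [];
$token = issueCsrfToken($session);
assert(handleDisableVulnerable(['action' => 'disable', 'user_id' => '3']) === 'disabled');
assert(handleDisableHardened('GET', ['action' => 'disable', 'user_id' => '3'], $session) === 'method not allowed');
assert(handleDisableHardened('POST', ['action' => 'disable', 'user_id' => '3'], $session) === 'invalid csrf token');
assert(handleDisableHardened('POST', ['action' => 'disable', 'user_id' => '3', 'csrf_token' => $token], $session) === 'disabled');
echo "ok\n";
```

A confirmation page only helps if the confirming request is itself a POST carrying the token; a GET link that merely asks "are you sure?" before another GET is still forgeable. Setting the session cookie with `SameSite=Lax` or `Strict` is a useful second layer, but it does not replace the token check, since browsers and subdomains vary in how they honour it.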

💥 Impact

Disable a user via a CSRF bug

Occurrences

We have contacted a member of the ampache team and are waiting to hear back 2 years ago
lachlan validated this vulnerability 2 years ago
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
lachlan
2 years ago

I've put enable and disable behind confirmation dialogs now with https://github.com/ampache/ampache/commit/bcdd8bb86dcaec87248071aa5ebeacf73c20932c

lachlan marked this as fixed with commit bcdd8b 2 years ago
lachlan has been awarded the fix bounty
This vulnerability will not receive a CVE