Session Fixation in gunet/openeclass

Valid

Reported on Sep 29th 2021


Description

The cookie does not change before and after user login.

Proof of Concept

// PoC.js
1. Load website in a new browser
2. Get cookie before login
3. Login to website
4. Get cookie after login
5. Compare those 2 values

Impact

Through other attack methods such as XSS, the attacker can store the user's cookies and access them later.
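
The comparison from the proof-of-concept steps above, written as a repeatable check (an added example, not code from the report or from openeclass). `ToyApp` and its methods are a hypothetical in-memory stand-in for a web application's session handling: `regenerateOnLogin: false` models the reported behaviour, `true` models a login that issues a new session ID.

```javascript
// Added example: toy in-memory session layer (hypothetical, not openeclass code).
const { randomBytes } = require('crypto');

const newSessionId = () => randomBytes(16).toString('hex');

class ToyApp {
  constructor({ regenerateOnLogin }) {
    this.regenerateOnLogin = regenerateOnLogin;
    this.sessions = new Map(); // session id -> { user }
  }

  // Steps 1-2: a first visit issues an anonymous session cookie.
  visit(cookie) {
    if (cookie && this.sessions.has(cookie)) return cookie;
    const id = newSessionId();
    this.sessions.set(id, { user: null });
    return id;
  }

  // Step 3: login (credential checking is out of scope for this toy).
  // Returns the cookie value the browser holds afterwards.
  login(cookie, user) {
    let id = this.visit(cookie);
    if (this.regenerateOnLogin) {
      this.sessions.delete(id); // invalidate the pre-login id
      id = newSessionId();      // bind the login to a fresh id
    }
    this.sessions.set(id, { user });
    return id;
  }

  // Which user, if any, a given cookie value is authenticated as.
  whoami(cookie) {
    const session = this.sessions.get(cookie);
    return session ? session.user : null;
  }
}

// Steps 1-4 of the PoC, then the comparison.
function checkSessionFixation(app) {
  const before = app.visit(null);
  const after = app.login(before, 'alice'); // 'alice' is a constructed user
  return {
    cookieUnchanged: before === after,
    preLoginCookieAuthenticated: app.whoami(before) === 'alice',
  };
}
```

A check of this shape can run as a regression test against the login handler: both fields should be `false` once the session ID is rotated at login.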

We created a GitHub Issue asking the maintainers to create a SECURITY.md (a year ago)
We have contacted a member of the gunet/openeclass team and are waiting to hear back (a year ago)
gunet/openeclass maintainer validated this vulnerability (a year ago)
lethanhphuc has been awarded the disclosure bounty
The fix bounty is now up for grabs
gunet/openeclass maintainer confirmed that a fix has been merged on 21105c (a year ago)
The fix bounty has been dropped
gunet/openeclass maintainer
a year ago

Maintainer


Thanks for the report! We have applied a fix to the next release branch (3.12.x) and will be porting it forward to the default (4.0 future release) branch.

lethanhphuc
a year ago

Researcher


You're welcome ^^
