Session Fixation in gunet/openeclass

Valid

Reported on

Sep 29th 2021


Description

The cookie before and after user login doesn't change.

Proof of Concept

// PoC.js
1. Load website in a new browser
2. Get cookie before login
3. Login to website
4. Get cookie after login
5. Compare those 2 values

Impact

Through other attack methods such as XSS, the attacker can store the user's cookies and access them later.
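
The before/after comparison from the Proof of Concept steps, written as a regression check over captured response headers. This is an added example, not code from the report or from openeclass; the cookie name `PHPSESSID` (PHP's default) and all response headers below are constructed assumptions.

```javascript
// Assumption: PHP's default session cookie name; adjust to the deployment.
const SESSION_COOKIE = "PHPSESSID";

// Apply one response's Set-Cookie values to a jar (Map name -> value) the way
// a browser would: later values overwrite, empty or Max-Age<=0 cookies are deleted.
function applySetCookie(jar, setCookieHeaders = []) {
  for (const header of setCookieHeaders) {
    const [pair, ...attrs] = header.split(";").map((s) => s.trim());
    const eq = pair.indexOf("=");
    if (eq < 1) continue; // malformed header, ignore
    const name = pair.slice(0, eq);
    const value = pair.slice(eq + 1);
    const expired = attrs.some((a) => /^max-age=(0|-\d+)$/i.test(a));
    if (expired || value === "") jar.delete(name);
    else jar.set(name, value);
  }
  return jar;
}

// Replay the PoC: read the session cookie after the first page load, apply
// the login response, read it again, and classify the outcome.
function checkSessionRotation(firstLoad, login, name = SESSION_COOKIE) {
  const jar = applySetCookie(new Map(), firstLoad["set-cookie"]);
  const before = jar.get(name);
  applySetCookie(jar, login["set-cookie"]);
  const after = jar.get(name);
  if (before === undefined) return "no-pre-login-session";
  if (after === undefined) return "session-dropped";
  return before === after ? "not-rotated" : "rotated";
}

// Constructed sample responses (not captured from a real server).
const firstLoad = { "set-cookie": ["PHPSESSID=aaaa1111; path=/; HttpOnly"] };
const loginNoCookie = {}; // login sets nothing: the browser keeps the old ID
const loginSameId = { "set-cookie": ["PHPSESSID=aaaa1111; path=/; HttpOnly"] };
const loginNewId = { "set-cookie": ["PHPSESSID=bbbb2222; path=/; HttpOnly"] };
const loginDeleteThenNew = {
  "set-cookie": ["PHPSESSID=; Max-Age=0", "PHPSESSID=cccc3333; path=/; HttpOnly"],
};

for (const [label, res] of Object.entries({
  loginNoCookie, loginSameId, loginNewId, loginDeleteThenNew,
})) {
  console.log(label, "->", checkSessionRotation(firstLoad, res));
}
```

A `not-rotated` result is the condition this report describes: the pre-login session identifier is still the authenticated one after login.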

We created a GitHub Issue asking the maintainers to create a SECURITY.md (2 years ago)
We have contacted a member of the gunet/openeclass team and are waiting to hear back (2 years ago)
gunet/openeclass maintainer validated this vulnerability (2 years ago)
lethanhphuc has been awarded the disclosure bounty
The fix bounty is now up for grabs
gunet/openeclass maintainer marked this as fixed with commit 21105c (2 years ago)
The fix bounty has been dropped
This vulnerability will not receive a CVE
gunet/openeclass maintainer
2 years ago

Maintainer


Thanks for the report! We have applied a fix to the next release branch (3.12.x) and will be porting it forward to the default (4.0 future release) branch.

lethanhphuc
2 years ago

Researcher


You're welcome ^^
