Cross-Site Request Forgery (CSRF) in liangliangyy/djangoblog

Valid

Reported on

Jan 17th 2022


Description

Hi there, I would like to report a Cross-Site Request Forgery in the djangoblog source code. Cross-site request forgery (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same-origin policy, which is designed to prevent different websites from interfering with each other. This is due to the use of a GET request for the refresh-cache URL.

Proof of Concept

  1. Install a local instance of djangoblog.
  2. Access the link /refresh and see that the whole cache is cleared.
  3. In a real attack scenario, the attacker would feed this link to the djangoblog admin, and when they click it, the cache is cleared.

Impact

This vulnerability is capable of forcing the admin to clear djangoblog cache against his/her will.
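The GET-triggered cache clear described above, modelled as an added example that is not djangoblog's code and does not use Django's own decorators or middleware: a framework-free Python sketch of the vulnerable handler beside a hardened one that requires an authenticated admin, a POST, and a submitted CSRF token matching the session's cookie (Django's double-submit pattern, simplified). The `Request`, `Cache`, `refresh_vulnerable`, `refresh_hardened` and `simulate_*` names are constructed for illustration; Django's real CSRF middleware additionally masks tokens and checks the Origin/Referer headers.

```python
"""Added example, not code from djangoblog or Django.

Models the report's /refresh endpoint in two forms: a state-changing GET
handler (vulnerable to CSRF) and a hardened handler that only clears the
cache for an authenticated admin issuing a POST with a valid CSRF token.
"""
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Request:
    """Constructed stand-in for an HTTP request as a web framework sees it."""
    method: str
    user_is_admin: bool = False
    cookies: dict = field(default_factory=dict)   # e.g. {"csrftoken": "..."}
    form: dict = field(default_factory=dict)      # POST body fields


class Cache:
    """Constructed stand-in for the blog's page cache."""
    def __init__(self):
        self.entries = {"post:1": "<rendered html>"}
        self.cleared = 0

    def clear(self):
        self.entries.clear()
        self.cleared += 1


def refresh_vulnerable(request, cache):
    """The pattern the report describes: any request, including a plain GET
    that a browser issues for <img src=\"/refresh\"> on a third-party page,
    clears the cache. No method, login or CSRF check."""
    cache.clear()
    return 200, "refresh ok"


def issue_csrf_token():
    """Server side: mint a random token that is set as a cookie and embedded
    in the admin's form. A third-party origin cannot read that cookie."""
    return secrets.token_hex(16)


def refresh_hardened(request, cache):
    """State change only for an authenticated admin, over POST, with a form
    token that matches the cookie (constant-time comparison)."""
    if not request.user_is_admin:
        return 403, "forbidden"
    if request.method != "POST":
        return 405, "method not allowed"
    cookie_token = request.cookies.get("csrftoken", "")
    form_token = request.form.get("csrfmiddlewaretoken", "")
    if not cookie_token or not hmac.compare_digest(cookie_token, form_token):
        return 403, "CSRF verification failed"
    cache.clear()
    return 200, "refresh ok"


def simulate_cross_site_get(handler):
    """The report's PoC: a logged-in admin's browser follows a link to
    /refresh. Returns (status, number of cache clears)."""
    cache = Cache()
    req = Request(method="GET", user_is_admin=True,
                  cookies={"csrftoken": issue_csrf_token()})
    status, _ = handler(req, cache)
    return status, cache.cleared


def simulate_legitimate_post(handler, tamper_token=False):
    """The admin submits the real refresh form. With tamper_token=True the
    form field does not match the cookie, as a cross-site POST would look."""
    cache = Cache()
    token = issue_csrf_token()
    submitted = "0" * len(token) if tamper_token else token
    req = Request(method="POST", user_is_admin=True,
                  cookies={"csrftoken": token},
                  form={"csrfmiddlewaretoken": submitted})
    status, _ = handler(req, cache)
    return status, cache.cleared


if __name__ == "__main__":
    print("vulnerable, cross-site GET:", simulate_cross_site_get(refresh_vulnerable))
    print("hardened,   cross-site GET:", simulate_cross_site_get(refresh_hardened))
    print("hardened,   admin POST:    ", simulate_legitimate_post(refresh_hardened))
    print("hardened,   bad token:     ", simulate_legitimate_post(refresh_hardened, True))
```

The fix the report implies is the first two checks in `refresh_hardened`: a cache purge is a state change, so it must not be reachable via GET, and it must be tied to an authenticated user. The token comparison is what stops a cross-site POST once GET is closed off; in Django that is what `@require_POST` together with the CSRF middleware provide.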

We are processing your report and will contact the liangliangyy/djangoblog team within 24 hours. 4 months ago
We created a GitHub Issue asking the maintainers to create a SECURITY.md 4 months ago
We have contacted a member of the liangliangyy/djangoblog team and are waiting to hear back 4 months ago
We have sent a follow up to the liangliangyy/djangoblog team. We will try again in 7 days. 4 months ago
且听风吟 validated this vulnerability 4 months ago
M0rphling has been awarded the disclosure bounty
The fix bounty is now up for grabs
且听风吟 confirmed that a fix has been merged on ccbb65 4 months ago
且听风吟 has been awarded the fix bounty