Cross-Site Request Forgery (CSRF) in liangliangyy/djangoblog
Valid
Reported on Jan 17th 2022
Description
Hi there, I would like to report a Cross-Site Request Forgery in the djangoblog source code. Cross-site request forgery (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same-origin policy, which is designed to prevent different websites from interfering with each other. In djangoblog this is due to the refresh-cache URL performing a state-changing action in response to a plain GET request.
Proof of Concept
- Install a local instance of djangoblog.
- Access this link: /refresh and see that all cache is cleared.
- In a real attack scenario, the attacker would feed this link to the djangoblog admin and, when they click it, the cache is cleared.
Impact
This vulnerability is capable of forcing the admin to clear the djangoblog cache against their will.
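The weakness above is a state-changing action (clearing the cache) reachable by a plain GET that passes only a cookie-based check, so a request the admin's browser is induced to send from another site looks exactly like one the admin chose to make. The following is an added example, not djangoblog's code and not Django's middleware: a framework-free model in which the Request and Cache classes, the two view functions and the scenario names are all constructed for illustration. It puts the reported pattern beside a hardened one that requires a staff session, a POST, and a per-session CSRF token compared in constant time, and runs the same three requests against both.

```python
# Added example (not djangoblog's code): a framework-free model of the
# /refresh weakness described above and of the checks that close it.
# Request, Cache and the view functions are constructed for this example.
import hmac
import secrets
from dataclasses import dataclass, field


class Cache:
    """Stand-in for the blog's rendered-page cache."""

    def __init__(self) -> None:
        self.entries = {"post:1": "<html>rendered post</html>"}  # constructed sample entry

    def clear(self) -> None:
        self.entries.clear()


@dataclass
class Request:
    """Minimal request: the browser attaches the session cookie to every
    request to the site, including ones another site induced."""
    method: str
    session: dict = field(default_factory=dict)  # data behind the session cookie
    form: dict = field(default_factory=dict)     # POST body, empty for a GET


def refresh_view_weak(request: Request, cache: Cache) -> int:
    """The reported pattern: any authenticated GET clears the cache.
    The cookie check passes for a cross-site GET because the victim's
    browser sends the cookie; nothing proves the admin chose to do this."""
    if not request.session.get("is_staff"):
        return 403
    cache.clear()
    return 200


def issue_csrf_token(session: dict) -> str:
    """Per-session secret that the site's own form embeds; a foreign page cannot read it."""
    token = secrets.token_hex(16)
    session["csrf_token"] = token
    return token


def refresh_view_hardened(request: Request, cache: Cache) -> int:
    """Fixed pattern: staff only, POST only, and the submitted token must
    match the session's token (constant-time comparison)."""
    if not request.session.get("is_staff"):
        return 403
    if request.method != "POST":
        return 405  # a GET can no longer change state
    expected = request.session.get("csrf_token")
    submitted = request.form.get("csrfmiddlewaretoken", "")
    if not expected or not hmac.compare_digest(expected, submitted):
        return 403
    cache.clear()
    return 200


def simulate() -> dict:
    """Run three requests against both views. Returns, per (view, scenario),
    the status code and whether the cache was still intact afterwards."""
    results = {}
    for name, view in (("weak", refresh_view_weak), ("hardened", refresh_view_hardened)):
        admin_session = {"is_staff": True}
        token = issue_csrf_token(admin_session)

        # 1. Cross-site GET: the admin follows the /refresh link from another site.
        cache = Cache()
        status = view(Request("GET", admin_session), cache)
        results[(name, "cross_site_get")] = (status, bool(cache.entries))

        # 2. Cross-site POST without the real token: the foreign page cannot know it.
        cache = Cache()
        status = view(Request("POST", admin_session, {"csrfmiddlewaretoken": "guess"}), cache)
        results[(name, "cross_site_post")] = (status, bool(cache.entries))

        # 3. Legitimate POST from the site's own form, carrying the session token.
        cache = Cache()
        status = view(Request("POST", admin_session, {"csrfmiddlewaretoken": token}), cache)
        results[(name, "same_site_post")] = (status, bool(cache.entries))
    return results


if __name__ == "__main__":
    for (view, scenario), (status, intact) in simulate().items():
        print(f"{view:8} {scenario:16} status={status} cache_intact={intact}")
```

Only the hardened view leaves the cache intact for the two cross-site requests while still accepting the same-site POST. In Django itself the equivalent fix is a view guarded by require_POST and staff_member_required and served behind the default CsrfViewMiddleware, which supplies the token that the model's issue_csrf_token stands in for; the model mirrors those three checks and is not Django's implementation.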
References
- We are processing your report and will contact the liangliangyy/djangoblog team within 24 hours. (a year ago)
- We created a GitHub Issue asking the maintainers to create a SECURITY.md. (a year ago)
- We have contacted a member of the liangliangyy/djangoblog team and are waiting to hear back. (a year ago)
- We have sent a follow up to the liangliangyy/djangoblog team. We will try again in 7 days. (a year ago)