Session Fixation in pheditor/pheditor
Valid
Reported on
Oct 7th 2021
Description
Session Fixation vulnerability found in pheditor in which it doesn't expire the sessions after password update.
Proof of Concept
// PoC
1. Open normal tab and one private tab
2. Open the pheditor on both of them and log in as a user
3. From private tab change the user password and log out.
4. On the normal tab refresh the page and you will see the session is still maintained and you can access the files.
Impact
The session doesn't expire even after the victim changes the password.
Occurrences
We have contacted a member of the
pheditor
team and are waiting to hear back
a year ago
For Video POC: https://drive.google.com/file/d/1CyURCv2teZPTl7l1WfPRmy1jM9_Eja2s/view?usp=sharing
pheditor.php#L356-L378
has been validated
@admin why bounty is $5 only i saw $25 before disclosing this issue.
@x3rz - the maintainer now has the ability to choose the reward for reports up to the reward that you see when you disclosed the vulnerability.
:| okay still I don't know why the maintainer set low bounty on this one
to join this conversation