Repository settings are vulnerable to CSRF in ikus060/rdiffweb

Valid

Reported on

Sep 19th 2022


Description

A malicious user can change a repository's settings by sending a crafted URL to a logged-in victim: the settings endpoint applies a change carried in a GET query parameter without any CSRF protection.

Proof of Concept

1. Log in to the application at https://rdiffweb-demo.ikus-soft.com/settings/admin/test-encoding .

2. Go to the test-encoding repository.

3. Check that the value of "Remove older" is "Forever".

4. Open the URL https://rdiffweb-demo.ikus-soft.com/settings/admin/test-encoding?keepdays=1 .

5. Refresh the page.

6. The setting has been updated.

Impact

A malicious user can change the settings of a repository on behalf of any logged-in user who opens the crafted link.
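To show why the GET-with-query-parameter pattern above is exploitable and what a fix looks like, here is an added example that is not rdiffweb's code: a minimal stand-in settings handler with the unprotected update next to a hardened one that requires POST, checks the request's Origin/Referer against the site, and verifies a per-session synchronizer token. The `Request` class, the site origin, and the mapping of "forever" to `keepdays == 0` are assumptions for the demo.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Request:
    """Constructed stand-in for an HTTP request (not a real framework object)."""
    method: str
    params: dict
    headers: dict = field(default_factory=dict)


class SettingsHandler:
    """Minimal repository-settings endpoint; assumption: keepdays 0 means 'forever'."""

    def __init__(self, site=("https", "rdiffweb-demo.ikus-soft.com")):
        self.site = site                              # (scheme, host) the app is served on
        self.csrf_token = secrets.token_urlsafe(32)   # bound to the victim's session
        self.keepdays = 0

    def unprotected_update(self, req):
        # The pattern in the report: any request carrying ?keepdays=N updates the
        # setting, so a link opened by a logged-in user silently changes it.
        if "keepdays" in req.params:
            self.keepdays = int(req.params["keepdays"])
        return self.keepdays

    def hardened_update(self, req):
        # 1) State changes only via POST; a GET (clicked link, <img> src) is read-only.
        if req.method != "POST":
            return self.keepdays
        # 2) Origin (or Referer) must match the site exactly on scheme and host;
        #    a form submitted from another origin fails here.
        src = urlsplit(req.headers.get("Origin") or req.headers.get("Referer", ""))
        if (src.scheme, src.netloc) != self.site:
            raise PermissionError("cross-site request rejected")
        # 3) Synchronizer token must match the session token (constant-time compare).
        token = req.params.get("csrf_token", "")
        if not hmac.compare_digest(token, self.csrf_token):
            raise PermissionError("missing or invalid CSRF token")
        if "keepdays" in req.params:
            self.keepdays = int(req.params["keepdays"])
        return self.keepdays
```

The Origin/Referer check is compared on scheme and host rather than with a prefix match, so a lookalike host that merely starts with the site name is still rejected.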

Patrik Dufresne validated this vulnerability 11 days ago
irfansayyed-github has been awarded the disclosure bounty
irfansayyed-github
11 days ago

Researcher


@admin Could we get a CVE for this?

Jamie Slome
11 days ago

Admin


Sure, once we get the go-ahead from the maintainer, we can assign and publish a CVE for you :)

Patrik Dufresne confirmed that a fix has been merged on 20fc0d 11 days ago
Patrik Dufresne has been awarded the fix bounty
irfansayyed-github
10 days ago

Researcher


Hi Maintainer,

Could you reply so that @admin can provide the CVE?

irfansayyed-github
10 days ago

Researcher


@admin, could you check if we get a CVE?

Patrik Dufresne
10 days ago

Maintainer


@admin you may assign a CVE for this report.

Jamie Slome
9 days ago

Admin


Sorted :)
