The settings of repositories are vulnerable to CSRF in ikus060/rdiffweb

Valid

Reported on

Sep 19th 2022


Description

A malicious user can change the settings of a repository by sending the URL to the victim.

Proof of Concept

1. Log in to the application at https://rdiffweb-demo.ikus-soft.com/settings/admin/test-encoding .

2. Go to test-encoding.

3. Check that the value of "remove older" is "forever".

4. Open the URL https://rdiffweb-demo.ikus-soft.com/settings/admin/test-encoding?keepdays=1 .

5. Refresh the page.

6. The setting is updated.

Impact

A malicious user can change the settings of a repository.
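The root cause in the steps above is a settings endpoint that applies a state change from a plain GET with no request-forgery check, so a logged-in victim who follows a link updates their own repository. The following is an added illustration written for this page; it is not rdiffweb's code and not the fix referenced later in the thread. The `Request`, `Repo`, `VulnerableSettingsHandler` and `HardenedSettingsHandler` names, the `FOREVER` sentinel and the origins used are all constructed for the demonstration. It replays step 4 against a handler that behaves like the report describes and against one that requires POST, a per-session synchronizer token and a matching Origin header.

```python
"""CSRF on a settings endpoint: the reported behaviour beside a hardened form.

Added example; not rdiffweb's code. All class and value names are invented.
"""
import hmac
import secrets
from dataclasses import dataclass, field

FOREVER = -1  # constructed sentinel for "keep forever"; not rdiffweb's value


@dataclass
class Request:
    method: str
    params: dict
    headers: dict = field(default_factory=dict)


@dataclass
class Repo:
    name: str
    keepdays: int = FOREVER


class VulnerableSettingsHandler:
    """Applies ?keepdays=N from any request, as the report observes.

    A link the victim opens while logged in is enough to change the setting,
    because the browser attaches the session cookie automatically.
    """

    def __init__(self, repo: Repo):
        self.repo = repo

    def handle(self, request: Request):
        if "keepdays" in request.params:
            self.repo.keepdays = int(request.params["keepdays"])
            return 200, "updated"
        return 200, "settings page"


class HardenedSettingsHandler:
    """Same endpoint with three defences: POST only, a per-session
    synchronizer token, and an Origin check when the browser sends one."""

    def __init__(self, repo: Repo, session: dict, site_origin: str):
        self.repo = repo
        self.session = session
        self.site_origin = site_origin

    def render_form(self) -> str:
        # Token the legitimate settings form embeds as a hidden field.
        token = secrets.token_urlsafe(32)
        self.session["csrf_token"] = token
        return token

    def handle(self, request: Request):
        if "keepdays" not in request.params:
            return 200, "settings page"
        if request.method != "POST":
            # A GET must never change state; a pasted link is only a GET.
            return 405, "state change requires POST"
        origin = request.headers.get("Origin")
        if origin is not None and origin != self.site_origin:
            return 403, "cross-origin request rejected"
        expected = self.session.get("csrf_token")
        supplied = request.params.get("csrf_token", "")
        # compare_digest avoids leaking the token through timing differences.
        if not expected or not hmac.compare_digest(expected, supplied):
            return 403, "missing or invalid CSRF token"
        self.repo.keepdays = int(request.params["keepdays"])
        return 200, "updated"


def run_scenarios() -> dict:
    """Replays the report's step 4 against both handlers; returns outcomes."""
    results = {}

    vuln_repo = Repo("test-encoding")
    vuln = VulnerableSettingsHandler(vuln_repo)
    vuln.handle(Request("GET", {"keepdays": "1"}))
    results["vulnerable_get_keepdays"] = vuln_repo.keepdays  # changed by a link

    site = "https://rdiffweb.example"  # constructed origin of the application
    repo = Repo("test-encoding")
    session = {}
    hard = HardenedSettingsHandler(repo, session, site)
    token = hard.render_form()

    status, _ = hard.handle(Request("GET", {"keepdays": "1"}))
    results["hardened_get"] = (status, repo.keepdays)

    status, _ = hard.handle(Request("POST", {"keepdays": "1"}))
    results["hardened_post_no_token"] = (status, repo.keepdays)

    status, _ = hard.handle(Request("POST", {"keepdays": "1", "csrf_token": token},
                                    {"Origin": "https://other-site.example"}))
    results["hardened_post_foreign_origin"] = (status, repo.keepdays)

    status, _ = hard.handle(Request("POST", {"keepdays": "1", "csrf_token": token},
                                    {"Origin": site}))
    results["hardened_post_valid"] = (status, repo.keepdays)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

Only the last scenario, a POST carrying the session's own token from the site's own origin, changes `keepdays`; the plain GET from step 4 is refused with 405 before any token logic runs, which is the cheapest of the three checks to add to an existing endpoint. A `SameSite=Lax` or `Strict` attribute on the session cookie is a useful additional layer but is not modelled here.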

We are processing your report and will contact the ikus060/rdiffweb team within 24 hours. a year ago
Patrik Dufresne validated this vulnerability a year ago
irfansayyed-github has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
irfansayyed-github
a year ago

Researcher


@admin Could we get a CVE for this?

Jamie Slome
a year ago

Admin


Sure, once we get the go-ahead from the maintainer, we can assign and publish a CVE for you :)

Patrik Dufresne marked this as fixed in 2.4.6 with commit 20fc0d a year ago
Patrik Dufresne has been awarded the fix bounty
This vulnerability will not receive a CVE
irfansayyed-github
a year ago

Researcher


Hi Maintainer,

Could you reply so that @admin can provide the CVE.

irfansayyed-github
a year ago

Researcher


@admin could you check if we get a CVE.

Patrik Dufresne
a year ago

Maintainer


@admin you may assign a CVE for this report.

Jamie Slome
a year ago

Admin


Sorted :)
