Information leakage in EXIF data of images in answerdev/answer

Valid

Reported on

Mar 29th 2023


Description

EXIF stands for Exchangeable Image File Format and the EXIF data contains information such as the camera model and make, shutter speed, aperture, focal length, ISO number, date, time and much more. It can also store GPS coordinates of the location where an image was shot.

Proof of Concept

1. Upload any image as a profile picture or in a comment.
2. Open the picture and intercept the request using Burp Suite.
3. Download an EXIF metadata extension.
4. Check the response in Repeater: geolocation and many other metadata fields are shown.


Impact

This data breach is critical due to the following reasons:

An attacker can get the exact location where a particular photo was taken

A photo can be easily replicated by using the metadata of the image

The following image/picture shows an example of the data stored in the image metadata.
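
A defensive sketch of the mitigation this report calls for: dropping the EXIF segment from a JPEG before it is stored or served. This is an added example in Go (the language of answerdev/answer), not the code of the project's fix; `StripEXIF` and `sample` are hypothetical names, and the sample bytes are constructed.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

// StripEXIF returns a copy of a JPEG with every APP1/Exif segment removed and
// the number of segments dropped. Malformed input is rejected, not guessed at.
func StripEXIF(jpeg []byte) ([]byte, int, error) {
	if len(jpeg) < 4 || jpeg[0] != 0xFF || jpeg[1] != 0xD8 {
		return nil, 0, errors.New("not a JPEG: missing SOI marker")
	}
	out := append([]byte{}, jpeg[:2]...)
	removed := 0
	for pos := 2; pos < len(jpeg); {
		if pos+4 > len(jpeg) || jpeg[pos] != 0xFF {
			return nil, 0, errors.New("malformed JPEG segment header")
		}
		marker := jpeg[pos+1]
		if marker == 0xDA { // SOS: compressed image data follows, copy the rest untouched
			return append(out, jpeg[pos:]...), removed, nil
		}
		segLen := int(binary.BigEndian.Uint16(jpeg[pos+2:])) // length counts its own 2 bytes
		end := pos + 2 + segLen
		if segLen < 2 || end > len(jpeg) {
			return nil, 0, errors.New("segment length out of bounds")
		}
		if marker == 0xE1 && bytes.HasPrefix(jpeg[pos+4:end], []byte("Exif\x00\x00")) {
			removed++ // APP1 carrying Exif (camera model, timestamps, GPS): drop it
		} else {
			out = append(out, jpeg[pos:end]...)
		}
		pos = end
	}
	return nil, 0, errors.New("no SOS marker found before end of data")
}

// sample is a constructed stream with JPEG segment layout (not a decodable image):
// SOI, APP0 "JFIF", APP1 "Exif" with placeholder bytes, SOS, two data bytes, EOI.
var sample = []byte("\xFF\xD8\xFF\xE0\x00\x07JFIF\x00\xFF\xE1\x00\x0CExif\x00\x00GPS!\xFF\xDA\x00\x02\x12\x34\xFF\xD9")

func main() {
	clean, n, err := StripEXIF(sample)
	fmt.Printf("removed %d Exif segment(s), %d -> %d bytes, err=%v\n", n, len(sample), len(clean), err)
}
```

Dropping the segment also discards the orientation tag and the embedded thumbnail, so rotate the image first if orientation matters. Metadata in other containers (XMP, other APPn segments) is not touched by this function.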

We are processing your report and will contact the answerdev/answer team within 24 hours. 2 months ago
We have contacted a member of the answerdev/answer team and are waiting to hear back 2 months ago
answerdev/answer maintainer validated this vulnerability a month ago

https://github.com/answerdev/answer/commit/ac3f2f047ee00b4edaea7530e570ab67ff87cd6a

Nilabh Rajpoot has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
answerdev/answer maintainer marked this as fixed in 1.0.8 with commit ac3f2f a month ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
answerdev/answer maintainer published this vulnerability a month ago