Session Fixation in filegator/filegator

Valid

Reported on

May 22nd 2022

🔒️ Requirements

None.

📝 Description

The updateUser function does not reset user's session.

🕵️‍♂️ Proof of Concept

Use two browsers and on the first, update the second user's session to delete his privileges.

Session_1.png

Going to the second, you and refreshing the page, you will that the user have lost his right (until his session get over).

Session_2.png

Impact

Due to this vulnerability, it won't be possible to properly handle rights management.

We are processing your report and will contact the filegator team within 24 hours. a year ago
We have contacted a member of the filegator team and are waiting to hear back a year ago
Milos Stojanovic validated this vulnerability a year ago
Mizu has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Milos Stojanovic marked this as fixed in 7.8.0 with commit fcd399 a year ago
Milos Stojanovic has been awarded the fix bounty
This vulnerability will not receive a CVE
to join this conversation