Session Fixation in filegator/filegator

Valid

Reported on May 22nd 2022


🔒️ Requirements

None.

📝 Description

The updateUser function does not reset the user's session.

🕵️‍♂️ Proof of Concept

Use two browsers and, on the first, update the second user's session to delete his privileges.

Session_1.png

Going to the second browser and refreshing the page, you will see that the user has lost his rights (until his session is over).

Session_2.png

Impact

Due to this vulnerability, it won't be possible to properly handle rights management.
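The following sketch is an added example, not FileGator's code. It shows why an update function that leaves open sessions alone undermines rights management, under the assumption that a session holds a copy of the user record taken at login. `AuthService`, `stamp`, `scenario` and the sample user are hypothetical names.

```python
import hashlib
import secrets


def stamp(permissions):
    # Fingerprint of the fields that decide what the user may do.
    return hashlib.sha256(",".join(sorted(permissions)).encode()).hexdigest()


class AuthService:
    def __init__(self, reset_on_update):
        self.reset_on_update = reset_on_update
        self.users = {}     # username -> list of permissions
        self.sessions = {}  # session id -> copy of the user taken at login

    def login(self, name):
        perms = list(self.users[name])
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"name": name, "permissions": perms,
                              "stamp": stamp(perms)}
        return sid

    def update_user(self, name, permissions):
        # Only the stored record changes; open sessions are not touched.
        self.users[name] = list(permissions)

    def permissions_for(self, sid):
        session = self.sessions.get(sid)
        if session is None:
            return None
        if self.reset_on_update:
            current = self.users.get(session["name"])
            # Record changed or deleted since login: end the session.
            if current is None or stamp(current) != session["stamp"]:
                del self.sessions[sid]
                return None
        return session["permissions"]


def scenario(reset_on_update):
    svc = AuthService(reset_on_update)
    svc.users["bob"] = ["read", "write", "delete"]  # constructed sample user
    sid = svc.login("bob")            # second browser: bob logs in
    svc.update_user("bob", ["read"])  # first browser: privileges removed
    return svc.permissions_for(sid)   # second browser: page refresh


if __name__ == "__main__":
    print("no reset:", scenario(False), "| reset:", scenario(True))
```

With the reset enabled, the refresh finds no valid session, so the user has to log in again and picks up the current record.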

We are processing your report and will contact the filegator team within 24 hours. (a month ago)
We have contacted a member of the filegator team and are waiting to hear back. (a month ago)
Milos Stojanovic validated this vulnerability. (a month ago)
Mizu has been awarded the disclosure bounty
Milos Stojanovic confirmed that a fix has been merged on fcd399. (a month ago)
Milos Stojanovic has been awarded the fix bounty