Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

Valid

Reported on

Nov 15th 2021


Description

More CSRFs, related to the warnings feature this time:

1: /warnings/{id}/deactivate

2: /warnings/{username}/mass-deactivate

3: /warnings/{id}/restore

Proof of Concept

<a href="http://[UNITED-URL]/warnings/{id}/restore">CLICK ME!</a>

Impact

This vulnerability is capable of tricking users into deactivating / restoring warnings.

Occurrences

api deactivate / mass-deactivate

mass-deactivate blade (not to be confused with mass-delete directly above)

api restore
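The three occurrences share one root cause: each action changes state but is reachable by a plain GET URL, so any page on the web can trigger it with an ordinary link while the victim is logged in. Laravel's VerifyCsrfToken middleware (part of the `web` group) deliberately skips GET, HEAD and OPTIONS, so no token is ever checked on these routes. The following is an added illustration of that route-level pattern, written for this page; it is not the project's own source and not the contents of fix commit 33f490, which is not reproduced here. The controller class, its method names, and the `auth` / `modo` middleware names are assumptions; the paths come from the report above.

```php
<?php
// Added example: vulnerable route shape beside the hardened shape.
// Not UNIT3D's actual routes/web.php; controller and middleware names are assumed.

use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Staff\WarningController; // assumed controller

// BEFORE (vulnerable shape): side effects on GET.
// Laravel's VerifyCsrfToken middleware skips "reading" verbs (GET/HEAD/OPTIONS),
// so <a href="https://[UNITED-URL]/warnings/{id}/restore"> on any third-party
// page fires the action with the victim's session cookie and no token check.
Route::middleware(['auth', 'modo'])->prefix('warnings')->group(function () {
    Route::get('/{id}/deactivate', [WarningController::class, 'deactivate']);
    Route::get('/{username}/mass-deactivate', [WarningController::class, 'deactivateAllWarnings']);
    Route::get('/{id}/restore', [WarningController::class, 'restore']);
});

// AFTER (hardened shape): state changes only on non-GET verbs.
// Now VerifyCsrfToken runs on every one of these requests and rejects any
// request whose _token field (or X-CSRF-TOKEN header) does not match the
// token stored in the victim's session. A bare link can no longer reach them,
// because an <a href> can only issue GET.
Route::middleware(['auth', 'modo'])->prefix('warnings')->group(function () {
    Route::post('/{id}/deactivate', [WarningController::class, 'deactivate'])
        ->name('warnings.deactivate');
    Route::post('/{username}/mass-deactivate', [WarningController::class, 'deactivateAllWarnings'])
        ->name('warnings.mass-deactivate');
    Route::post('/{id}/restore', [WarningController::class, 'restore'])
        ->name('warnings.restore');
});
```

Changing the verb is only half of the fix: the template that currently renders these actions as links (the warninglog.blade.php occurrence above) has to render a form instead, e.g. `<form method="POST" action="{{ route('warnings.restore', $warning->id) }}">@csrf<button type="submit">Restore</button></form>`, because the `@csrf` directive is what emits the hidden `_token` field that the middleware compares against the session. A quick regression check for this class of bug is to grep `routes/web.php` for `Route::get` entries whose path ends in a verb such as `deactivate`, `restore`, `delete` or `mass-*`; any hit is a state change with no CSRF protection.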

We are processing your report and will contact the hdinnovations/unit3d-community-edition team within 24 hours. a year ago
HDVinnie validated this vulnerability a year ago
haxatron has been awarded the disclosure bounty
The fix bounty is now up for grabs
HDVinnie marked this as fixed with commit 33f490 a year ago
HDVinnie has been awarded the fix bounty
This vulnerability will not receive a CVE
web.php#L285-L286 has been validated
warninglog.blade.php#L35-L41 has been validated
web.php#L289 has been validated