Cross-Site Request Forgery (CSRF) in thorsten/phpmyfaq

Valid

Reported on

Dec 28th 2021


Description

Hi there, there is a CSRF in your logout function. This will force the admin to log out if he/she clicks on the link the attacker gives him.

Proof of Concept

  1. Install phpMyFAQ on your system.
  2. Log in as admin.
  3. Open this link: /admin/index.php?action=logout
  4. See that you are logged out of phpMyFAQ.

Impact

This vulnerability is capable of CSRF.
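For context, the standard defence against a state-changing GET such as this logout is to require a POST carrying a per-session anti-CSRF token. The following is an added illustration written for this page, not phpMyFAQ's own code or its actual fix; the function names (issueLogoutToken, logoutIsAuthorizedVulnerable, logoutIsAuthorized) and the session key csrf_logout are hypothetical.

```php
<?php
// Added example, not phpMyFAQ's own code. Function names and the
// session key 'csrf_logout' are hypothetical and chosen for this page.

// Issue one random token per session and reuse it for the logout form.
function issueLogoutToken(array &$session): string
{
    if (empty($session['csrf_logout'])) {
        $session['csrf_logout'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_logout'];
}

// The vulnerable pattern from the report: any request with
// ?action=logout ends the session, so a link (or an <img src>) on an
// attacker-controlled page is enough to log the admin out.
function logoutIsAuthorizedVulnerable(string $method, array $query): bool
{
    return ($query['action'] ?? '') === 'logout';
}

// Hardened pattern: only a POST whose token matches the session's copy
// is honoured. hash_equals() compares in constant time.
function logoutIsAuthorized(string $method, array $post, array $session): bool
{
    if ($method !== 'POST' || ($post['action'] ?? '') !== 'logout') {
        return false;
    }
    $expected = $session['csrf_logout'] ?? '';
    $given = $post['csrf_token'] ?? '';
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

// Demonstration with constructed request data (no real session involved).
$session = [];
$token = issueLogoutToken($session);

// The PoC's cross-site GET: accepted by the old check, refused by the new one.
var_dump(logoutIsAuthorizedVulnerable('GET', ['action' => 'logout']));
var_dump(logoutIsAuthorized('GET', [], $session));

// A forged POST that lacks the token is refused as well.
var_dump(logoutIsAuthorized('POST', ['action' => 'logout'], $session));

// The admin's own logout form, which carries the hidden token, is accepted.
var_dump(logoutIsAuthorized('POST', ['action' => 'logout', 'csrf_token' => $token], $session));
```

In a real deployment the admin UI renders the token as a hidden field in the logout form, so a plain link can no longer end the session; after a successful logout the session, and with it the token, is destroyed.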

We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours. a year ago
We have contacted a member of the thorsten/phpmyfaq team and are waiting to hear back a year ago
Thorsten Rinne validated this vulnerability a year ago
justinp09010 has been awarded the disclosure bounty
The fix bounty is now up for grabs
Thorsten Rinne submitted a patch a year ago
Thorsten Rinne (Maintainer), a year ago:
This is the fix for the 3.0 branch, will merge it later to main.

https://github.com/thorsten/phpMyFAQ/commit/d9d41476a5ceaa333d272abb5a5d2e03a8ac11fb

Thorsten Rinne (Maintainer), a year ago:
Can you confirm the patch?

Thorsten Rinne marked this as fixed in 3.0.10 with commit 560239 a year ago
Thorsten Rinne has been awarded the fix bounty
This vulnerability will not receive a CVE