Cross-Site Request Forgery (CSRF) in kestasjk/webdiplomacy


Reported on

Jul 23rd 2021

✍️ Description

csrf bug to change user profile

🕵️‍♂️ Proof of Concept

I see there no csrf token checking when updating user-profile save bellow html code in html file and host this file . Now sent this file link to vicitm when victim open the link then his profile information will be changed .

<form action="" method="post" id="myForm">
<input type=hidden name="userForm[comment]" value="yyyy">
  <input type="submit" value="Submit">

💥 Impact

attacker can change vicitm profile information when he open a malicious link

We have contacted a member of the kestasjk/webdiplomacy team and are waiting to hear back 2 years ago
Kestas "Chris" Kuliukas validated this vulnerability 2 years ago
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
Kestas "Chris" Kuliukas marked this as fixed with commit e1b873 2 years ago
Kestas "Chris" Kuliukas has been awarded the fix bounty
This vulnerability will not receive a CVE
to join this conversation