Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

Valid

Reported on Jul 21st 2021
✍️ Description

CSRF bug in the "classify billed" action for sales orders

🕵️‍♂️ Proof of Concept

The "classify billed" action does not check the token parameter for CSRF: the token parameter can be removed from the URL and the request is still processed. The request below is vulnerable to CSRF when a sales order is classified as billed.
https://demo.dolibarr.org/commande/card.php?id=1493&action=classifybilled

💥 Impact

CSRF attack: a forged request can mark a sales order as billed on behalf of an authenticated user.
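The report records the fix in Dolibarr's main.inc.php (lines 463-482), where the token check is applied to every page. The following is an added, stand-alone illustration of the defensive pattern, not Dolibarr's code: a token check that refuses a state-changing action when the token parameter is absent, instead of skipping the check. The action list, the session array and the two sample requests are constructed for the example.

```php
<?php
// Added example (not Dolibarr code): a mandatory anti-CSRF token check for
// state-changing "action" parameters such as action=classifybilled.
// The defect in the report is that omitting the token parameter bypassed the
// check; here an absent or empty token is a hard failure, never a skip.
declare(strict_types=1);

// Constructed list of actions that change server-side state.
const STATE_CHANGING_ACTIONS = ['classifybilled'];

// Issues a fresh per-session token (32 random bytes, hex-encoded).
function newCsrfToken(array &$session): string
{
    $session['csrf_token'] = bin2hex(random_bytes(32));
    return $session['csrf_token'];
}

// Returns true only when the request may proceed.
// $request is the merged GET/POST array, $session the authenticated session.
function csrfCheckPasses(array $request, array $session): bool
{
    $action = $request['action'] ?? '';
    if (!is_string($action)) {
        return false;                       // malformed action: refuse
    }
    if ($action === '' || !in_array($action, STATE_CHANGING_ACTIONS, true)) {
        return true;                        // read-only page view: no token needed
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $request['token'] ?? '';
    // Core of the fix: a missing or empty token is rejected, not ignored.
    if ($expected === '' || !is_string($supplied) || $supplied === '') {
        return false;
    }
    return hash_equals($expected, $supplied); // constant-time comparison
}

// Constructed session and the two request shapes from the report.
$session = [];
$token   = newCsrfToken($session);
$forged  = ['id' => '1493', 'action' => 'classifybilled'];                   // token removed
$legit   = ['id' => '1493', 'action' => 'classifybilled', 'token' => $token];

assert(csrfCheckPasses($forged, $session) === false);
assert(csrfCheckPasses($legit, $session) === true);

// How a page would use it before acting on the request:
if (!csrfCheckPasses($forged, $session)) {
    http_response_code(403);
    echo "Refused: invalid or missing CSRF token\n";
}
```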

We have contacted a member of the dolibarr team and are waiting to hear back
ranjit-git modified the report (twice)
Laurent Destailleur validated this vulnerability
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
Laurent Destailleur marked this as fixed with commit 8bdc53
Laurent Destailleur has been awarded the fix bounty
This vulnerability will not receive a CVE
main.inc.php#L463-L482 has been validated