CSRF bug to remove a bookmark in sissbruecker/linkding
Mar 26th 2022
CSRF bug to remove a bookmark
Proof of Concept
There is no CSRF token check when a bookmark is removed: the removal is a plain GET request to `/bookmarks/<id>/remove`, so any page or link the logged-in victim opens can trigger it.
Say there are two users:
1. user-A --> victim
2. user-B --> attacker
Steps:
1. user-A creates a bookmark; say its id is 123.
2. user-B (the attacker) sends the link https://demo.linkding.link/bookmarks/123/remove?return_url=%2Fbookmarks to user-A.
3. When user-A, while logged in to linkding, opens this link, bookmark 123 is deleted without any confirmation or token check; the `return_url` parameter then redirects the victim back to the bookmark list, so nothing looks out of place.
CSRF bug to delete a victim's bookmark
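To make the root cause and the fix concrete, here is an added toy model of the issue; it is not linkding's code (linkding is a Django application whose real views and middleware are not shown on this page). The `App`, `Request`, the HMAC-based token and the 302/403/405 status values are hypothetical stand-ins; only the path `/bookmarks/123/remove`, the `return_url` parameter and the user names come from the report. The vulnerable handler deletes on any authenticated GET, exactly as the PoC link does, because the browser attaches the victim's session cookie to a cross-site top-level navigation (a `SameSite=Lax` cookie is still sent on such a navigation, which is why a sent link works even with that default). The hardened handler accepts only POST and requires a token bound to the session that an attacker's page cannot read.

```python
"""Toy model of the linkding CSRF report: a state-changing bookmark removal reachable
by a plain GET with no anti-CSRF token, next to a hardened handler. Added example, not
linkding's code; App/Request and the token scheme are hypothetical stand-ins."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Request:
    method: str
    path: str
    cookies: dict                       # attached by the browser, also on cross-site navigations
    query: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


class App:
    def __init__(self):
        self.secret = secrets.token_bytes(32)
        self.sessions = {"sess-A": "user-A"}          # constructed: victim user-A is logged in
        self.bookmarks = {"user-A": {123, 456}}       # constructed: bookmark id 123 from the report

    def current_user(self, req):
        return self.sessions.get(req.cookies.get("sessionid"))

    @staticmethod
    def bookmark_id(path):
        # "/bookmarks/123/remove" -> 123; anything else -> None
        parts = path.strip("/").split("/")
        if len(parts) == 3 and parts[0] == "bookmarks" and parts[2] == "remove" and parts[1].isdigit():
            return int(parts[1])
        return None

    def csrf_token(self, session_id):
        # Synchronizer token bound to the session: the attacker's site can choose the URL
        # and even a POST body, but can never read the victim's page to learn this value.
        return hmac.new(self.secret, session_id.encode(), hashlib.sha256).hexdigest()

    def vulnerable_remove(self, req):
        """Behaviour described in the report: any authenticated GET deletes the bookmark."""
        user = self.current_user(req)
        if user is None:
            return 403
        bid = self.bookmark_id(req.path)
        if bid is None or bid not in self.bookmarks[user]:
            return 404
        self.bookmarks[user].discard(bid)
        return 302                                    # redirect to return_url

    def hardened_remove(self, req):
        """State change only on POST carrying the session-bound token."""
        if req.method != "POST":
            return 405
        user = self.current_user(req)
        if user is None:
            return 403
        expected = self.csrf_token(req.cookies["sessionid"])
        if not hmac.compare_digest(req.form.get("csrfmiddlewaretoken", ""), expected):
            return 403
        bid = self.bookmark_id(req.path)
        if bid is None or bid not in self.bookmarks[user]:
            return 404
        self.bookmarks[user].discard(bid)
        return 302


PATH = "/bookmarks/123/remove"
VICTIM_COOKIES = {"sessionid": "sess-A"}


def run_demo():
    """Replay the report's attack against both handlers; returns what each did."""
    results = {}
    # 1. The link from the report, opened by user-A: a cross-site GET, cookie attached by the browser.
    app = App()
    lure = Request("GET", PATH, VICTIM_COOKIES, query={"return_url": "/bookmarks"})
    results["vulnerable_status"] = app.vulnerable_remove(lure)
    results["vulnerable_deleted"] = 123 not in app.bookmarks["user-A"]

    # 2. Same lure against the hardened handler: wrong method, nothing deleted.
    app = App()
    results["hardened_get_status"] = app.hardened_remove(lure)
    # 3. Attacker upgrades to an auto-submitting cross-site POST but cannot know the token.
    forged = Request("POST", PATH, VICTIM_COOKIES, form={"csrfmiddlewaretoken": "guess"})
    results["hardened_forged_post_status"] = app.hardened_remove(forged)
    results["hardened_deleted_by_attacker"] = 123 not in app.bookmarks["user-A"]
    # 4. The legitimate same-origin form submit, token rendered into the victim's own page.
    legit = Request("POST", PATH, VICTIM_COOKIES, form={"csrfmiddlewaretoken": app.csrf_token("sess-A")})
    results["hardened_legit_post_status"] = app.hardened_remove(legit)
    results["hardened_deleted_by_owner"] = 123 not in app.bookmarks["user-A"]
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Running it shows the lure succeeding (302, bookmark gone) against the vulnerable handler and failing against the hardened one both as a GET (405) and as a forged POST (403), while the owner's own form submit still works. The two properties that matter are independent: moving the action off GET alone does not stop an auto-submitting cross-site form, and a token alone does not stop a GET link if the handler still deletes on GET, so a fix needs both, which is what Django's `CsrfViewMiddleware` together with a POST-only view provides.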