Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

Valid

Reported on

Jul 21st 2021


✍️ Description

A CSRF bug allows a customer price to be deleted without a valid CSRF token.

🕵️‍♂️ Proof of Concept

The delete_customer_price action does not check the CSRF token parameter: the token parameter can be removed from the URL and the request below still deletes the customer price, so this action is vulnerable to a CSRF attack.
https://demo.dolibarr.org/product/price.php?action=delete_customer_price&id=476&lineid=327
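To make the missing check concrete, here is an added illustration (not Dolibarr's code, and not part of the original report) of the vulnerable pattern next to its hardened form. The handler names, the `Session`/`Request` classes, the in-memory `prices` table and the request URLs are all constructed for this example; the hardened variant only honours a POST whose `token` field matches the token bound to the user's session, which is the property the report says is absent.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit


@dataclass
class Session:
    """Server-side session of a logged-in user (constructed stand-in)."""
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))


@dataclass
class Request:
    """Minimal HTTP request model: method, full URL and POSTed form fields."""
    method: str
    url: str
    form: dict = field(default_factory=dict)

    @property
    def query(self) -> dict:
        return {k: v[0] for k, v in parse_qs(urlsplit(self.url).query).items()}


def delete_customer_price_unsafe(req: Request, session: Session, prices: dict) -> str:
    """Vulnerable pattern: a state-changing delete is driven purely by URL
    parameters and never compares a token, so any page the victim's browser
    loads can trigger it with the victim's session cookie."""
    q = req.query
    if q.get("action") != "delete_customer_price":
        return "noop"
    prices.pop(int(q["lineid"]), None)
    return "deleted"


def delete_customer_price_hardened(req: Request, session: Session, prices: dict) -> str:
    """Hardened pattern: only POST is accepted for the delete, and the token
    submitted with the form must match the session token (constant-time
    comparison). A cross-site page cannot read the victim's token, so a
    forged request fails the check."""
    if req.method != "POST":
        return "rejected: method"
    token = req.form.get("token", "")
    if not hmac.compare_digest(token, session.csrf_token):
        return "rejected: bad csrf token"
    if req.form.get("action") != "delete_customer_price":
        return "noop"
    prices.pop(int(req.form["lineid"]), None)
    return "deleted"


def demo() -> dict:
    """Run a forged cross-site GET and a legitimate same-origin POST through
    both handlers and report what happened to the constructed price table."""
    session = Session(user="alice")
    base = "https://example.invalid/product/price.php"  # placeholder host
    forged = Request("GET", f"{base}?action=delete_customer_price&id=476&lineid=327")
    legit = Request("POST", base, form={
        "action": "delete_customer_price", "id": "476", "lineid": "327",
        "token": session.csrf_token,
    })

    results = {}
    table = {327: 10.0, 328: 12.0}
    results["unsafe_forged"] = (delete_customer_price_unsafe(forged, session, table), 327 in table)

    table = {327: 10.0, 328: 12.0}
    results["hardened_forged"] = (delete_customer_price_hardened(forged, session, table), 327 in table)

    table = {327: 10.0, 328: 12.0}
    results["hardened_legit"] = (delete_customer_price_hardened(legit, session, table), 327 in table)
    return results


if __name__ == "__main__":
    for name, (outcome, still_present) in demo().items():
        print(f"{name:16s} -> {outcome:24s} line 327 still present: {still_present}")
```

The design point is that the token must be unguessable per session and compared on the server for every state-changing request; requiring POST alone is not enough, since a cross-site form can POST too, but it removes the trivial image/link trigger and keeps GET idempotent.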

💥 Impact

CSRF attack: a customer price can be deleted via a forged request made with a logged-in user's session.

We have contacted a member of the dolibarr team and are waiting to hear back (a year ago)
Laurent Destailleur confirmed that a fix has been merged on 0749d0 (a year ago)
Laurent Destailleur has been awarded the fix bounty