Cross-Site Request Forgery (CSRF) in yourls/yourls
Valid
Reported on
Dec 24th 2021
Description
- Hi there YOURLS team, I would like to report a Cross-Site Request Forgery vulnerability on YOURLS. Cross-site request forgery (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other.
- In the case of YOURLS, this CSRF allows a hacker to trick a user into logging out of YOURLS.
Proof of Concept
- Install a local instance of YOURLS
- Access this link: admin/index.php?action=logout
- See that you are logged out of YOURLS.
- In the real attack scenario, the hacker would feed this URL to the targeted user, and when they click the link, they are automatically logged out of YOURLS
Impact
This vulnerability is capable of CSRF.
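The proof of concept works because the logout action is triggered by a bare GET with no secret the attacker cannot guess. The following is an added example, not YOURLS code and not the fix the maintainers shipped: it shows the vulnerable pattern the report describes next to a hardened version that ties the action to a per-session nonce. The names `session_secret`, `create_nonce`, `verify_nonce`, `logout_user` and `handle_logout_*` are assumptions made for this example.

```php
<?php
// Added example, not YOURLS code. The nonce secret is assumed to live in the
// user's session, and logout_user() stands in for whatever ends the session.
declare(strict_types=1);

const NONCE_ACTION = 'logout';

// Per-session secret; a real app would create it at login and keep it in $_SESSION.
function session_secret(): string {
    if (empty($_SESSION['csrf_secret'])) {
        $_SESSION['csrf_secret'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_secret'];
}

// Nonce bound to one action and one session: a link copied from another
// session, or forged without the secret, does not verify.
function create_nonce(string $action): string {
    return hash_hmac('sha256', $action, session_secret());
}

function verify_nonce(string $action, string $nonce): bool {
    // Constant-time comparison so the nonce cannot be guessed byte by byte.
    return hash_equals(create_nonce($action), $nonce);
}

// Before: the behaviour the report describes. Any GET reaching this URL
// (a link the victim clicks, an <img src=...> on a page they visit) logs them out.
function handle_logout_vulnerable(array $get): string {
    if (($get['action'] ?? '') === 'logout') {
        logout_user();
        return 'logged out';
    }
    return 'no action';
}

// After: the same action, but only when the request carries a valid nonce.
function handle_logout_hardened(array $get): string {
    if (($get['action'] ?? '') !== 'logout') {
        return 'no action';
    }
    if (!verify_nonce(NONCE_ACTION, (string)($get['nonce'] ?? ''))) {
        http_response_code(403);
        return 'invalid nonce';
    }
    logout_user();
    return 'logged out';
}

// The logout link the admin UI should emit instead of a bare ?action=logout.
function logout_url(): string {
    return 'admin/index.php?' . http_build_query([
        'action' => 'logout',
        'nonce'  => create_nonce(NONCE_ACTION),
    ]);
}

function logout_user(): void {
    $_SESSION = [];
}

// CLI demo with an emulated session; constructed input mirrors the PoC URL.
$_SESSION = [];
$forged = ['action' => 'logout'];
echo "vulnerable, forged link: ", handle_logout_vulnerable($forged), "\n";

$_SESSION = [];
echo "hardened, forged link:   ", handle_logout_hardened($forged), "\n";

parse_str((string)parse_url(logout_url(), PHP_URL_QUERY), $legit);
echo "hardened, UI link:       ", handle_logout_hardened($legit), "\n";
```

Two practical notes. First, the nonce only helps if every place that emits a logout link uses `logout_url()`; a single bare `?action=logout` link left in a template reopens the hole. Second, a nonce in the URL can leak through the Referer header, so a state-changing action like logout is better served by a POST form with the nonce in a hidden field, with `SameSite=Lax` session cookies as a second layer. YOURLS already ships nonce helpers of its own in its auth functions, so an in-project fix would reuse those rather than the hand-rolled HMAC shown here.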
We are processing your report and will contact the yourls team within 24 hours.
a year ago
We have contacted a member of the yourls team and are waiting to hear back
a year ago
Yeah, indeed. Thanks for reporting. I've filed an issue as a reminder and will check this after the holidays https://github.com/YOURLS/YOURLS/issues/3170
Hi there, thank you for your response. Would you mind validating this report?
We have sent a follow up to the yourls team. We will try again in 7 days.
a year ago
We have sent a second follow up to the yourls team. We will try again in 10 days.
a year ago
admin-ajax.php#L43 has been validated
Note that it's the 3rd or 4th time I have been "awarded the fix bounty" and I have not yet been actually awarded something... :)