Cross-Site Request Forgery (CSRF) in e107inc/e107
Valid
Reported on Dec 25th 2021
Description
Hi there, there is a Cross-Site Request Forgery in e107 that allows an attacker to force an admin user to repair a plugin.
Proof of Concept
- Install e107 on your system
- Log in as administrator
- Copy this link and paste it into your browser:
/e107/e107_admin/plugin.php?mode=installed&action=repair&path=banner
- Now the plugin banner is repaired.
Impact
This vulnerability is capable of allowing an attacker to force an admin user to repair a plugin.
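A defender-side check for the request in the proof of concept, added here as an example and not part of the original report or the e107 code base: it scans web-server access logs in combined format for GET requests to the admin plugin.php that carry action=repair and classifies each by its Referer. The hostname cms.example.test, the function names and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

SITE_HOST = "cms.example.test"           # assumption: the site's own hostname
ADMIN_SCRIPT = "/e107_admin/plugin.php"  # script path from the report
WATCHED_ACTIONS = {"repair"}             # action from the report; extend as needed

# Combined log format: ip ident user [time] "METHOD target proto" status bytes "referer" ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" \d{3} \S+ "(?P<referer>[^"]*)"'
)

# Constructed sample lines (not real traffic).
_REQ = '"GET /e107/e107_admin/plugin.php?mode=installed&action=repair&path=banner HTTP/1.1" 200 5120'
SAMPLE_LOG = "\n".join([
    f'198.51.100.7 - - [25/Dec/2021:10:01:12 +0000] {_REQ} '
    '"https://cms.example.test/e107/e107_admin/plugin.php?mode=installed" "Mozilla/5.0"',
    f'198.51.100.7 - - [25/Dec/2021:10:04:40 +0000] {_REQ} "https://forum.example.net/thread/42" "Mozilla/5.0"',
    f'198.51.100.7 - - [25/Dec/2021:10:09:03 +0000] {_REQ} "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Dec/2021:10:10:00 +0000] '
    '"GET /e107/e107_admin/plugin.php?mode=installed HTTP/1.1" 200 4800 "-" "Mozilla/5.0"',
])

def classify(line, site_host=SITE_HOST):
    """Return a finding dict for a state-changing admin GET, or None for any other line."""
    m = LINE_RE.match(line)
    if not m or m["method"] != "GET":
        return None
    url = urlsplit(m["target"])
    query = parse_qs(url.query)
    action = query.get("action", [""])[0]
    if not url.path.endswith(ADMIN_SCRIPT) or action not in WATCHED_ACTIONS:
        return None
    referer = m["referer"]
    if referer in ("", "-"):
        origin = "no-referer"      # pasted link, bookmark, or header stripped by policy
    elif urlsplit(referer).hostname == site_host.lower():
        origin = "same-site"       # admin clicked the action inside the admin UI
    else:
        origin = "cross-site"      # request was triggered from another origin
    return {"ip": m["ip"], "time": m["ts"], "action": action,
            "plugin": query.get("path", [""])[0],
            "origin": origin, "suspicious": origin != "same-site"}

def findings(log_text, site_host=SITE_HOST):
    """Classify every line and keep only the watched admin actions."""
    return [f for f in (classify(l, site_host) for l in log_text.splitlines()) if f]

if __name__ == "__main__":
    for f in findings(SAMPLE_LOG):
        print(f)
```

A link pasted directly into the browser, as in the proof of concept, arrives with no Referer, so that case is flagged together with cross-site ones. Referrer policies can also strip the header, so hits are leads to review rather than proof.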
Occurrences
We are processing your report and will contact the e107inc/e107 team within 24 hours.
a year ago
We have contacted a member of the e107inc/e107 team and are waiting to hear back
a year ago
We have sent a follow up to the e107inc/e107 team. We will try again in 7 days.
a year ago
plugin.php#L1045 has been validated