Cross-Site Request Forgery (CSRF) in e107inc/e107

Valid

Reported on

Dec 25th 2021


Description

Hi there, there is a Cross Site Request Forgery in e107 that allows an attacker to force admin user to repair a plugin.

Proof of Concept

  1. Install e107 in your system
  2. Log in as adminstrator
  3. Copy this link and paste to your browser: /e107/e107_admin/plugin.php?mode=installed&action=repair&path=banner
  4. Now the plugin banner is repaired.

Impact

This vulnerability is capable of allowing attacker to force admin user to repair a plugin.

We are processing your report and will contact the e107inc/e107 team within 24 hours. a month ago
We have contacted a member of the e107inc/e107 team and are waiting to hear back a month ago
We have sent a follow up to the e107inc/e107 team. We will try again in 7 days. a month ago
Cameron validated this vulnerability a month ago
justinp09010 has been awarded the disclosure bounty
The fix bounty is now up for grabs
Cameron confirmed that a fix has been merged on 7de11e a month ago
Cameron has been awarded the fix bounty
plugin.php#L1045 has been validated