MYBB HTML Form Without CSRF Protection

2019.12.01
Gaddar (TR)
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A

Author: Gaddar ~ Turkish Vulnerability Researcher
Tested On: Kali Linux/Opera Browser
Local: Yes
Team: Yer6Sec Turkish Security Crew

Vulnerability Description:
• This alert may be a false positive; manual confirmation is required.
• Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.
• Acunetix WVS found an HTML form with no apparent CSRF protection implemented. Consult details for more information about the affected HTML form.
• This vulnerability affects /forumdisplay.php (c665df4242c1a82f6a9aa0a0d24afa6a).

Request:
GET /forumdisplay.php?fid=2 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer: https://www.targetsite.com/forumdisplay.php
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: __cfduid=d8286188354df2224659ab6e9929e718f1575228127; mybb[lastvisit]=1575228126; mybb[lastactive]=1575228128; sid=9289656bb25617f993170ad3da2d9291
Host: www.wmduragi.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

Response:
HTTP/1.1 200 OK
Date: Sun, 01 Dec 2019 19:22:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: mybb[lastactive]=1575228129; expires=Mon, 30-Nov-2020 19:22:09 GMT; path=/; domain=.targetsite.com
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 53e76da1cfb372c3-AMS
Original-Content-Encoding: gzip
Content-Length: 19188

CWE: CWE-352
CVSS Base Score: 2.6 - AV:N/AC:H/Au:N/C:N/I:P/A:N
Access Vector: Network
Access Complexity: High
Authentication: None
Confidentiality Impact: None
Integrity Impact: Partial
Availability Impact: None

How to fix this vulnerability:
Check if this form requires CSRF protection and implement CSRF countermeasures if necessary.
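As an added example (not MyBB's or Acunetix's code), the two halves of the fix advice above: a triage pass that tells GET forms such as the forumdisplay.php sort form (read-only, so the scanner hit needs manual confirmation) apart from POST forms that really lack a token, and a session-bound synchronizer token with constant-time verification. The sample HTML, the `csrf_token` field name and the session ids are constructed for the example.

```python
import hashlib
import hmac
import secrets
from html.parser import HTMLParser

# Constructed sample page: a GET sort form like forumdisplay.php's, a POST form that
# carries a hidden token (field name "csrf_token" is assumed), and a POST form without one.
SAMPLE_HTML = """
<form action="forumdisplay.php" method="get"><input type="hidden" name="fid" value="2">
  <select name="sortby"><option>lastpost</option></select></form>
<form action="moderation.php" method="post"><input type="hidden" name="csrf_token" value="x">
  <input type="submit"></form>
<form action="private.php" method="post"><input type="text" name="subject"></form>
"""

class FormScanner(HTMLParser):
    """Record each <form>'s action, method and whether it holds a hidden token field."""
    def __init__(self, token_fields):
        super().__init__()
        self.token_fields, self.forms = token_fields, []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.forms.append({"action": a.get("action", ""),
                               "method": a.get("method", "get").lower(), "token": False})
        elif (tag == "input" and self.forms and a.get("type", "").lower() == "hidden"
              and a.get("name") in self.token_fields):
            self.forms[-1]["token"] = True

def triage_forms(html, token_fields=frozenset({"csrf_token"})):
    """GET forms must be read-only, so a scanner hit on one needs manual confirmation
    (likely false positive); POST forms without a hidden token are the real findings."""
    scanner = FormScanner(token_fields)
    scanner.feed(html)
    return [(f["action"], "confirm-manually" if f["method"] != "post"
             else "protected" if f["token"] else "missing-csrf-token")
            for f in scanner.forms]

def issue_token(secret, session_id):
    """Synchronizer token: random nonce plus an HMAC binding it to the user's session."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(secret, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"

def verify_token(secret, session_id, token):
    """Recompute the HMAC for this session and compare in constant time."""
    nonce, _, mac = (token or "").partition(".")
    expected = hmac.new(secret, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return bool(nonce) and hmac.compare_digest(mac, expected)
```

A token issued for one session fails verification under any other session, so a forged cross-site request cannot reuse a token the attacker obtained from their own account.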


Copyright 2019, cxsecurity.com
