MYBB HTML Form Without CSRF Protection

Gaddar (TR)
Risk: Medium
Local: Yes
Remote: Yes

Author: Gaddar ~ Turkish Vulnerability Researcher
Tested On: Kali Linux / Opera Browser
Local: Yes
Team: Yer6Sec Turkish Security Crew

Vulnerability Description:
• This alert may be a false positive, manual confirmation is required.
• Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.
• Acunetix WVS found a HTML form with no apparent CSRF protection implemented. Consult details for more information about the affected HTML form.
• This vulnerability affects /forumdisplay.php (c665df4242c1a82f6a9aa0a0d24afa6a).

Request:
GET /forumdisplay.php?fid=2 HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Referer:
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: __cfduid=d8286188354df2224659ab6e9929e718f1575228127; mybb[lastvisit]=1575228126; mybb[lastactive]=1575228128; sid=9289656bb25617f993170ad3da2d9291
Host:
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

Response:
HTTP/1.1 200 OK
Date: Sun, 01 Dec 2019 19:22:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: mybb[lastactive]=1575228129; expires=Mon, 30-Nov-2020 19:22:09 GMT; path=/;
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri=""
Server: cloudflare
CF-RAY: 53e76da1cfb372c3-AMS
Original-Content-Encoding: gzip
Content-Length: 19188

CWE: CWE-352
CVSS Base Score: 2.6 - AV:N/AC:H/Au:N/C:N/I:P/A:N
Access Vector: Network
Access Complexity: High
Authentication: None
Confidentiality Impact: None
Integrity Impact: Partial
Availability Impact: None

How to fix this vulnerability:
Check if this form requires CSRF protection and implement CSRF countermeasures if necessary.
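The scanner itself says the alert may be a false positive and that the fix is conditional ("check if this form requires CSRF protection"), but the advisory shows neither the triage nor the countermeasure. The following is an added example, not code from the advisory or from MyBB: the first half walks the forms on a page and separates read-only GET forms (a search or filter form needs no token) from POST forms that lack a recognised anti-CSRF field; the second half implements the synchronizer-token pattern a state-changing form should use. The HTML is constructed for the example and is not the real /forumdisplay.php response, and the list of recognised token field names is an assumption (it includes my_post_key, the hidden field MyBB uses on its own forms, alongside generic names).

```python
"""
Added example (not part of the original advisory or of MyBB's code base).

1. Triage: Acunetix flags any form without an obvious anti-CSRF field, so
   the first step is to see whether the flagged form changes state at all.
   A GET search/filter form that only reads data needs no CSRF token.
2. Fix: for forms that do change state, issue a per-session secret token,
   embed it as a hidden field, and verify it server-side in constant time.

SAMPLE_HTML is constructed for this example; it is not the real
/forumdisplay.php response, which the advisory does not reproduce.
TOKEN_FIELD_NAMES is an assumption about naming, not a standard.
"""
import hmac
import secrets
from html.parser import HTMLParser

TOKEN_FIELD_NAMES = {"csrf_token", "my_post_key", "_token", "authenticity_token"}


class FormCollector(HTMLParser):
    """Collect every <form> with its method, action and hidden input names."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {
                "action": a.get("action", ""),
                "method": (a.get("method") or "get").lower(),
                "hidden": [],
            }
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "text").lower() == "hidden":
                self._current["hidden"].append(a.get("name", ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def triage_forms(html):
    """Return (action, verdict) per form. Only POST forms lacking a
    recognised token field are worth manual confirmation."""
    p = FormCollector()
    p.feed(html)
    out = []
    for f in p.forms:
        if f["method"] != "post":
            verdict = "ok: GET form, read-only, no token needed"
        elif any(n in TOKEN_FIELD_NAMES for n in f["hidden"]):
            verdict = "ok: token field present"
        else:
            verdict = "CONFIRM: state-changing form without token"
        out.append((f["action"], verdict))
    return out


# ---- fix: synchronizer-token pattern --------------------------------------

def issue_csrf_token(session):
    """Create the per-session token once and keep it server-side."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def hidden_field(session):
    """HTML the server embeds in every state-changing form."""
    return '<input type="hidden" name="csrf_token" value="%s">' % issue_csrf_token(session)


def verify_csrf(session, posted):
    """Server-side check on each POST. The constant-time compare avoids
    leaking the token byte-by-byte through timing differences."""
    expected = session.get("csrf_token")
    supplied = posted.get("csrf_token")
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


# Constructed sample page: one read-only search form, one POST form that
# already carries a token, one POST form that does not.
SAMPLE_HTML = """
<form action="/search.php" method="get"><input name="keywords"></form>
<form action="/newreply.php" method="post">
  <input type="hidden" name="my_post_key" value="abc"><textarea name="message"></textarea>
</form>
<form action="/usercp.php" method="post"><input name="email"></form>
"""

if __name__ == "__main__":
    for action, verdict in triage_forms(SAMPLE_HTML):
        print(action, "->", verdict)
    sess = {}
    print(hidden_field(sess))
    print(verify_csrf(sess, {"csrf_token": sess["csrf_token"]}))  # True
    print(verify_csrf(sess, {"csrf_token": "forged"}))           # False
```

Run against the real page, the triage step answers the scanner's own caveat: if the only form on /forumdisplay.php is a GET search or sort form, the finding is noise; if it is a POST form without a token, the second half is the countermeasure to add, with the token tied to the session cookie so a cross-origin page cannot read or guess it.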
