
[userTypeFix]: Privilege Escalation through login mutation Response Interception #2103

Closed
krishna619 opened this issue Mar 26, 2024 · 4 comments
Labels
bug Something isn't working feature request security Security fix unapproved Unapproved for Pull Request userTypeFix

Comments

@krishna619

Describe the bug
In the Talawa Admin dashboard, intercepting and modifying the response to the login mutation can escalate privileges. Specifically, changing the isSuperAdmin value to true in the intercepted response grants super admin privileges to the user. This issue poses a significant security risk, allowing unauthorized access to super admin functionalities.

To Reproduce
Steps to reproduce the behavior:

  1. Log in to the Talawa Admin dashboard as an admin.
  2. Intercept the network response to the login mutation.
  3. Modify the isSuperAdmin field value from false to true.
  4. Observe that the user session now has super admin privileges.

Expected behavior
The application should securely validate user privileges on the server side, preventing the escalation of privileges through client-side manipulation.

Screenshots
(screenshot attached)

Burp.Suite.Professional.v2023.12.1.2.-.Temporary.Project.-.Licensed.to.Zer0DayLab.Crew.2024-03-27.00-29-35.mp4

Additional details
Add any other context or screenshots about the feature request here.

Potential internship candidates
Please read this if you are planning to apply for a Palisadoes Foundation internship PalisadoesFoundation/talawa#359
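The report above is a textbook case of trusting a role flag that the client received (and can rewrite) at login. As an added illustration, not code from Talawa or from the reporter, the block below models the vulnerable check beside the hardened one: the hardened version resolves the role from the server's own records using only the opaque session token and re-checks it on every privileged operation. All names here (USERS, SESSIONS, requireSuperAdmin, listAllUserIds, the token values) are constructed for the example.

```typescript
// Added example for the report above: server-side authorization that ignores any
// role claim the client carries. Hypothetical, self-contained; not Talawa's code.

type Role = "USER" | "ADMIN" | "SUPERADMIN";

interface UserRecord {
  id: string;
  role: Role;
}

// Constructed sample data: what the server holds. The client never sees or edits this.
const USERS: Record<string, UserRecord> = {
  u1: { id: "u1", role: "ADMIN" },
  u2: { id: "u2", role: "SUPERADMIN" },
};

// Constructed sample sessions: opaque token -> user id, issued at login.
const SESSIONS: Record<string, string> = {
  "tok-admin": "u1",
  "tok-super": "u2",
};

// What the client sends with each request. `isSuperAdmin` is whatever the client
// stored from the login response, so an intercepting proxy can set it to anything.
interface ClientContext {
  token: string;
  isSuperAdmin?: boolean;
}

// Vulnerable pattern: super-admin features are gated on the flag that came back in
// the login response. Editing that flag in the intercepted response is enough.
function isSuperAdminVulnerable(ctx: ClientContext): boolean {
  return ctx.isSuperAdmin === true;
}

// Hardened pattern: ignore any client-supplied role claim and look the role up in
// the server's own records, keyed only by the session token.
function isSuperAdminHardened(ctx: ClientContext): boolean {
  const userId = SESSIONS[ctx.token];
  if (userId === undefined) return false; // unknown or forged token
  const user = USERS[userId];
  return user !== undefined && user.role === "SUPERADMIN";
}

// Guard for a GraphQL-style resolver: each privileged mutation re-checks the role
// on the server, per request, instead of trusting state established at login.
function requireSuperAdmin<T>(ctx: ClientContext, resolver: (user: UserRecord) => T): T {
  if (!isSuperAdminHardened(ctx)) {
    throw new Error("Forbidden: super admin role required");
  }
  return resolver(USERS[SESSIONS[ctx.token]]);
}

// Constructed stand-in for any super-admin-only operation.
function listAllUserIds(ctx: ClientContext): string[] {
  return requireSuperAdmin(ctx, () => Object.keys(USERS));
}

// Simulates the report: an ADMIN whose intercepted login response was edited to
// isSuperAdmin=true. Returns what each check decides for that tampered session.
function tamperedAdminOutcome(): { vulnerable: boolean; hardened: boolean } {
  const tampered: ClientContext = { token: "tok-admin", isSuperAdmin: true };
  return {
    vulnerable: isSuperAdminVulnerable(tampered),
    hardened: isSuperAdminHardened(tampered),
  };
}

console.log(tamperedAdminOutcome()); // { vulnerable: true, hardened: false }
```

The design point is that the login response may still return isSuperAdmin for the UI to render menus, but nothing on the server may ever read that value back from the client; authorization is derived from the token on each request, so a tampered response changes only what the browser displays, not what the API permits.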

@krishna619 krishna619 added the bug Something isn't working label Mar 26, 2024
@github-actions github-actions bot added feature request security Security fix unapproved Unapproved for Pull Request labels Mar 26, 2024
@krishna619
Author

(screenshot attached)

@palisadoes please add the userTypeFix tag.

@palisadoes
Contributor

Is this opened in the correct repo?

@krishna619
Author

@palisadoes hey, I feel that this should come under the admin repo; closing this and creating one in the admin repo.
I have fixed it; please assign this to me.

@Cioppolo14
Contributor

Closed this as the issue was moved to admin.
