This repository has been archived by the owner on Apr 16, 2024. It is now read-only.
🐛 BUG: Severe CourseController information leak 🔥 #594
Labels
api
All Backend related Issues
bug
This Issue describes a unwanted behavior
🔒 security
This directly pertains to geli's security!
Comments
torss added the bug and api labels on Apr 7, 2018
Note that there is a related TODO in CourseController.ts
but no mention of the "accessKey" property in the "Success-Response" documentation, so I assume this leak issue is unknown. There is also another TODO in the same file for the "PostCourseWhitelist" API:
This probably should get its own GitHub issue.
torss changed the title from "🐛 BUG: Severe course information leak 🔥" to "🐛 BUG: Severe /api/courses/ information leak 🔥" on Apr 13, 2018
torss changed the title from "🐛 BUG: Severe /api/courses/ information leak 🔥" to "🐛 BUG: Severe CourseController information leak 🔥" on Apr 15, 2018
PatrickSkowronek added a commit that referenced this issue on Apr 15, 2018
Bugfix/#594 CourseController security flaws
You would need to present how you fixed it and how it was possible beforehand to sneak the key. I'd say it looks good for now 👍
Unauthorized information for all courses is transmitted to any logged-in user.
For example, anyone can easily read every course access key using only the built-in browser dev tools.
This is a severe issue and should be fixed ASAP.
Tested access key vulnerability on the staging system using Chrome 65 and confirmed the leak on the live system.
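The issue describes course objects being serialised wholesale, so the accessKey reached every logged-in user. The usual fix for this class of leak is to build the response from an explicit allow-list of fields chosen by the requester's role. The following is an added example and not geli's own code; the role names and all field names other than accessKey are assumptions, and the sample courses are constructed.

```typescript
// Added example, not geli's code. Role names and fields other than
// "accessKey" are assumed for illustration.
type Role = "student" | "teacher" | "admin";
interface User { id: string; role: Role; }

// Server-side course record as loaded from the database.
interface Course {
  id: string;
  name: string;
  description: string;
  accessKey?: string;   // enrolment secret; must never reach students
  courseAdmin: string;  // id of the owning teacher
  teachers: string[];
}

// Response shape for students: an explicit allow-list of public fields.
interface PublicCourseView { id: string; name: string; description: string; }
// Response shape for staff of that course: adds the privileged fields.
interface StaffCourseView extends PublicCourseView {
  accessKey?: string; courseAdmin: string; teachers: string[];
}

function isStaffOf(course: Course, user: User): boolean {
  return user.role === "admin" || course.courseAdmin === user.id || course.teachers.includes(user.id);
}

// Copy fields by name (allow-list) instead of returning the model object, so a
// secret added to Course later is not exposed by default.
export function toCourseView(course: Course, user: User): PublicCourseView | StaffCourseView {
  const pub: PublicCourseView = { id: course.id, name: course.name, description: course.description };
  if (!isStaffOf(course, user)) return pub;
  return { ...pub, accessKey: course.accessKey, courseAdmin: course.courseAdmin, teachers: course.teachers };
}

// Serialise a whole listing for the requesting user (per-course decision).
export function listCourses(courses: Course[], user: User): Array<PublicCourseView | StaffCourseView> {
  return courses.map(c => toCourseView(c, user));
}

// Regression check: does any serialised object still carry an accessKey?
export function leaksAccessKey(views: object[]): boolean {
  return views.some(v => "accessKey" in v);
}

// Constructed sample data for a stand-alone run.
export const SAMPLE_COURSES: Course[] = [
  { id: "c1", name: "Crypto 101", description: "Intro", accessKey: "constructed-key-1", courseAdmin: "t1", teachers: [] },
  { id: "c2", name: "Web Security", description: "Intro", accessKey: "constructed-key-2", courseAdmin: "t2", teachers: ["t3"] },
];
```

A student listing must never contain accessKey, and a teacher sees the key only for courses they administer or teach.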