Full Disclosure mailing list archives
Anti-CSRF Filter Bypass SMF 2.0 / 1.1.14
From: Preth Hoonker <preth00nker () gmail com>
Date: Wed, 24 Aug 2011 16:57:01 -0500
Summary The [img] BBCode tag anti-CSRF filter can be bypassed due to incorrect parsing of the 'action' variable; because of this it is possible to successfully execute CSRF. Description Software: Simple Machines Forum (SMF) Versions: SMF 2.0 / SMF 1.1.14 Publication date: 2011-08-23 Impact: Cross Site Request Forgery Solution: N/A (Vendor informed) Websec-id: ws11-15 Longer description and PoC http://websec.ca/advisories/view/SMF_CSRF_Filter_Bypass http://websec.mx/advisories/view/SMF_Cross_Site_Request_Forgery_Filter_Bypass Author Christian Yerena / A.K.A. preth00nker cyerena [ at ] websec [ dot ] mx
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Anti-CSRF Filter Bypass SMF 2.0 / 1.1.14 Preth Hoonker (Aug 25)