FanFootage: Session Token is not Verified while changing Account Setting's which Result In account Takeover

2014-06-07T13:28:21
ID H1:15476
Type hackerone
Reporter shubham
Modified 2014-06-14T17:44:38

Description

Dear Team,

Step-by-step instructions on how to reproduce the problem:

It was found the application is vulnerable to CSRF attack. To achieve the same,

Session Token is not Verified while changing Account Setting's which Result In account Takeover

Description:-

I have found that while changing Setting Session token is not verified .So an attacker can basically plot a CSRF attack which would change the default email of the user and this would led to account takeover.

POC:-

I have made proof of concept video of the same:-https://www.youtube.com/watch?v=oCpAu18ULQQ The Above Video is Unlisted.

Regard :- Shubham Gupta