huntr | Trunggg02 | 4A54134D-DF1F-43D4-9B14-45F023CD654A
History: Aug 10, 2023 - 6:11 p.m.

Misconfiguration in message sending function

2023-08-10 18:11:29
trunggg02
www.huntr.dev
10
misconfiguration
messaging function
vulnerability
exposed information
burpsuite
intercept request
editing
demo account
bug bounty

EPSS

0.001

Percentile

40.6%

Description

A misconfiguration in the web application's messaging function causes a user's messages to be automatically sent to all other users. As a result, the user's information can be exposed.

Proof of Concept

PoC video link:
https://drive.google.com/file/d/1eXQXJAeIJ0KVWAKRUeBtvgNZzHW_3la_/view?usp=sharing

Steps

1. Log in to the admin account in the Chrome browser and log in to the demo account in another browser.

2. Using the demo account, send a message to admin, intercept the request with Burp Suite, and send the request to Burp Repeater for editing.

3. Change the contact_id value to 3, which is the id of the demo account, so that the demo account sends a message to itself.

4. After the demo account has sent a message to itself, whenever it sends a message to any user, the system automatically sends the message to all users.
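
A server-side check that rejects the edited request from step 3 and stops a direct message from fanning out to more than its one recipient, as an added example that is not code from the report or from the affected application. The `Messenger` class, its `route` hook and every user id other than 3 are assumptions made for illustration.

```python
class RecipientError(ValueError):
    """A send request was rejected before any message was delivered."""


class Messenger:
    """Hypothetical in-memory stand-in for the application's message store."""

    def __init__(self, user_ids, route=None):
        self.inbox = {uid: [] for uid in user_ids}
        # `route` stands in for the application's own routing logic, which the
        # report does not show; by default a message goes to one recipient.
        self.route = route or (lambda sender_id, recipient: [recipient])

    def resolve_recipient(self, sender_id, contact_id):
        # contact_id comes from the request body and can be edited in transit,
        # so it is re-validated against server-side state on every send.
        try:
            recipient = int(contact_id)
        except (TypeError, ValueError):
            raise RecipientError("contact_id is not an integer") from None
        if recipient not in self.inbox:
            raise RecipientError("contact_id is not a known user")
        if recipient == sender_id:
            raise RecipientError("sender and recipient are the same account")
        return recipient

    def send(self, sender_id, contact_id, body):
        # sender_id must come from the authenticated session, never the request.
        recipient = self.resolve_recipient(sender_id, contact_id)
        targets = list(self.route(sender_id, recipient))
        # Fan-out guard: a direct message has exactly one target. Fail closed
        # if routing state has widened it, whatever the cause.
        if targets != [recipient]:
            raise RecipientError("routing produced unexpected recipients")
        for uid in targets:
            self.inbox[uid].append((sender_id, body))
        return targets


if __name__ == "__main__":
    m = Messenger([1, 2, 3, 4])        # constructed ids; 3 is the demo account
    print(m.send(3, "1", "hello"))     # normal send to one other account
    try:
        m.send(3, "3", "to myself")    # the edited request from step 3
    except RecipientError as exc:
        print("rejected:", exc)
```

The fan-out guard is independent of the self-send check, so it still blocks a broadcast if the routing state is corrupted by some path other than the one in the steps.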
