Lucene search

Veracode Vulnerability DatabaseVERACODE:42872

HistoryAug 22, 2023 - 3:06 a.m.

Cross-Site Request Forgery (CSRF)

2023-08-2203:06:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cross-site request forgery

csrf

wallabag vulnerability

configcontroller.php

get requests

delete endpoint

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

wallabag/wallabag is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to the lack of a CSRF token in the resetAction function of ConfigController.php, which allows an attacker to arbitrarily delete the victim user’s annotations, entries and tags by sending GET requests to /reset/annotations, /reset/entries, /reset/tags, /reset/archived, and /delete/[Entry ID] endpoints

CPENameOperatorVersion
wallabag/wallabagle2.6.2
wallabag/wallabagle2.6.2

CPE	Name	Operator	Version
	wallabag/wallabag	le	2.6.2
	wallabag/wallabag	le	2.6.2

References

github.com/advisories/GHSA-p8gp-899c-jvq9

github.com/wallabag/wallabag/commit/78b0b55c40511e1f22d5bbb4897aa10fca68441c

huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299

huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299/

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

Related for VERACODE:42872